Show filters
2,453 Total Results
Displaying 1-10 of 2,453
Sort by:
Attacker Value
Very High
CVE-2023-3519
Disclosure Date: July 19, 2023 (last updated February 14, 2025)
Unauthenticated remote code execution
12
Attacker Value
Very High
CVE-2019-19781
Disclosure Date: November 05, 2019 (last updated November 27, 2024)
An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0. They allow Directory Traversal.
4
Attacker Value
Moderate
CVE-2021-40870
Disclosure Date: September 13, 2021 (last updated November 28, 2024)
An issue was discovered in Aviatrix Controller 6.x before 6.5-1804.1922. Unrestricted upload of a file with a dangerous type is possible, which allows an unauthenticated user to execute arbitrary code via directory traversal.
3
Attacker Value
Very High
CVE-2020-8196
Disclosure Date: July 10, 2020 (last updated November 28, 2024)
Improper access control in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 resulting in limited information disclosure to low privileged users.
3
Attacker Value
Very High
CVE-2020-8195
Disclosure Date: July 10, 2020 (last updated November 28, 2024)
Improper input validation in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 resulting in limited information disclosure to low privileged users.
3
Attacker Value
Moderate
CVE-2020-8193
Disclosure Date: July 10, 2020 (last updated November 28, 2024)
Improper access control in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 allows unauthenticated access to certain URL endpoints.
3
Attacker Value
Very High
CVE-2023-4966
Disclosure Date: October 10, 2023 (last updated February 14, 2025)
Sensitive information disclosure in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server.
3
Attacker Value
Moderate
CVE-2020-8200
Disclosure Date: September 18, 2020 (last updated November 28, 2024)
Improper authentication in Citrix StoreFront Server < 1912.0.1000 allows an attacker who is authenticated on the same Microsoft Active Directory domain as a Citrix StoreFront server to read arbitrary files from that server.
3
Attacker Value
Unknown
CVE-2023-6549
Disclosure Date: January 17, 2024 (last updated May 10, 2024)
Improper Restriction of Operations within the Bounds of a Memory Buffer in NetScaler ADC and NetScaler Gateway allows Unauthenticated Denial of Service and Out-Of-Bounds Memory Read
3
Attacker Value
Unknown
CVE-2023-6548
Disclosure Date: January 17, 2024 (last updated January 26, 2024)
Improper Control of Generation of Code ('Code Injection') in NetScaler ADC and NetScaler Gateway allows an attacker with access to NSIP, CLIP or SNIP with management interface to perform Authenticated (low privileged) remote code execution on Management Interface.
3
