Filtered by vendor Citrix
Subscriptions
Total
448 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-24489 | 1 Citrix | 1 Sharefile Storage Zones Controller | 2025-07-30 | 9.8 Critical |
| A vulnerability has been discovered in the customer-managed ShareFile storage zones controller which, if exploited, could allow an unauthenticated attacker to remotely compromise the customer-managed ShareFile storage zones controller. | ||||
| CVE-2023-3519 | 1 Citrix | 2 Netscaler Application Delivery Controller, Netscaler Gateway | 2025-07-30 | 9.8 Critical |
| Unauthenticated remote code execution | ||||
| CVE-2023-4966 | 1 Citrix | 2 Netscaler Application Delivery Controller, Netscaler Gateway | 2025-07-30 | 9.4 Critical |
| Sensitive information disclosure in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server. | ||||
| CVE-2023-6548 | 1 Citrix | 2 Netscaler Application Delivery Controller, Netscaler Gateway | 2025-07-30 | 5.5 Medium |
| Improper Control of Generation of Code ('Code Injection') in NetScaler ADC and NetScaler Gateway allows an attacker with access to NSIP, CLIP or SNIP with management interface to perform Authenticated (low privileged) remote code execution on Management Interface. | ||||
| CVE-2023-6549 | 1 Citrix | 2 Netscaler Application Delivery Controller, Netscaler Gateway | 2025-07-30 | 8.2 High |
| Improper Restriction of Operations within the Bounds of a Memory Buffer in NetScaler ADC and NetScaler Gateway allows Unauthenticated Denial of Service and Out-Of-Bounds Memory Read | ||||
| CVE-2025-5777 | 2 Citrix, Netscaler | 4 Netscaler Application Delivery Controller, Netscaler Gateway, Adc and 1 more | 2025-07-30 | 7.5 High |
| Insufficient input validation leading to memory overread when the NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server | ||||
| CVE-2025-6543 | 2 Citrix, Netscaler | 4 Netscaler Application Delivery Controller, Netscaler Gateway, Adc and 1 more | 2025-07-30 | 9.8 Critical |
| Memory overflow vulnerability leading to unintended control flow and Denial of Service in NetScaler ADC and NetScaler Gateway when configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server | ||||
| CVE-2024-12284 | 1 Citrix | 2 Netscaler Agent, Netscaler Console | 2025-07-25 | 8.8 High |
| Authenticated privilege escalation in NetScaler Console and NetScaler Agent allows. | ||||
| CVE-2024-8535 | 2 Citrix, Netscaler | 4 Netscaler Application Delivery Controller, Netscaler Gateway, Adc and 1 more | 2025-07-25 | 8.1 High |
| Authenticated user can access unintended user capabilities in NetScaler ADC and NetScaler Gateway if the appliance must be configured as a Gateway (SSL VPN, ICA Proxy, CVPN, RDP Proxy) with KCDAccount configuration for Kerberos SSO to access backend resources OR the appliance must be configured as an Auth Server (AAA Vserver) with KCDAccount configuration for Kerberos SSO to access backend resources | ||||
| CVE-2024-8534 | 2 Citrix, Netscaler | 7 Netscaler Application Delivery Controller, Netscaler Gateway, Adc and 4 more | 2025-07-25 | 8.1 High |
| Memory safety vulnerability leading to memory corruption and Denial of Service in NetScaler ADC and Gateway if the appliance must be configured as a Gateway (VPN Vserver) with RDP Feature enabled OR the appliance must be configured as a Gateway (VPN Vserver) and RDP Proxy Server Profile is created and set to Gateway (VPN Vserver) OR the appliance must be configured as a Auth Server (AAA Vserver) with RDP Feature enabled | ||||
| CVE-2024-8069 | 2 Citrix, Citrix Session Recording | 2 Session Recording, Citrix Session Recording | 2025-07-25 | 8.8 High |
| Limited remote code execution with privilege of a NetworkService Account access in Citrix Session Recording if the attacker is an authenticated user on the same intranet as the session recording server | ||||
| CVE-2024-8068 | 1 Citrix | 1 Session Recording | 2025-07-25 | 8.0 High |
| Privilege escalation to NetworkService Account access in Citrix Session Recording when an attacker is an authenticated user in the same Windows Active Directory domain as the session recording server domain | ||||
| CVE-2024-6677 | 1 Citrix | 1 Uberagent | 2025-07-25 | 7.8 High |
| Privilege escalation in uberAgent | ||||
| CVE-2024-6286 | 1 Citrix | 1 Workspace | 2025-07-25 | 7.8 High |
| Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges in Citrix Workspace app for Windows | ||||
| CVE-2024-6150 | 1 Citrix | 1 Provisioning | 2025-07-25 | 4.3 Medium |
| A non-admin user can cause short-term disruption in Target VM availability in Citrix Provisioning | ||||
| CVE-2024-6151 | 1 Citrix | 1 Virtual Apps And Desktops | 2025-07-25 | 7.8 High |
| Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges in Virtual Delivery Agent for Windows used by Citrix Virtual Apps and Desktops and Citrix DaaS | ||||
| CVE-2024-2049 | 1 Citrix | 26 Citrix Sd Wan Premium Edition, Citrix Sd Wan Standard Edition, Sd-wan 1000 and 23 more | 2025-07-25 | 6.5 Medium |
| Server-Side Request Forgery (SSRF) in Citrix SD-WAN Standard/Premium Editions on or after 11.4.0 and before 11.4.4.46 allows an attacker to disclose limited information from the appliance via Access to management IP. | ||||
| CVE-2024-5492 | 1 Citrix | 2 Netscaler Application Delivery Controller, Netscaler Gateway | 2025-07-25 | 6.1 Medium |
| Open redirect vulnerability allows a remote unauthenticated attacker to redirect users to arbitrary websites in NetScaler ADC and NetScaler Gateway | ||||
| CVE-2024-5491 | 1 Citrix | 2 Netscaler Application Delivery Controller, Netscaler Gateway | 2025-07-25 | 7.5 High |
| Denial of Service in NetScaler ADC and NetScaler Gateway in NetScaler | ||||
| CVE-2024-6149 | 1 Citrix | 1 Workspace | 2025-07-25 | 6.1 Medium |
| Redirection of users to a vulnerable URL in Citrix Workspace app for HTML5 | ||||