Citrix Netscaler ADC & Gateway - Out-Of-Bounds Memory Read

The vulnerability would enable an attacker to remotely obtain sensitive information from a NetScaler appliance configured as a Gateway or AAA virtual server via a very commonly connected Web interface, and without requiring authentication. This bug is nearly identical to the Citrix Bleed...

CVE-2025-6549

creationtimestamp| type| source ---|---|--- 2025-07-11 16:20:51+00:00| seen| Telegram/dSDAMxlHn8XTP2ZTUM7KPIN0q1Go75EJtoSzebP5ZPnTguQ...

CentOS 6 : chromium-browser (RHSA-2020:3560)

The remote CentOS Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:3560 advisory. - Use after free in ANGLE in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML...

WordPress Admin Post Navigation Plugin <= 2.1 is vulnerable to Sensitive Data Exposure

Software Admin Post Navigation Type Plugin Vulnerable versions = 2.1 Fixed in N/A OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-6549 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID d9b047850a91 Credits stealthcopter Required...

CVE-2024-6549

creationtimestamp| type| source ---|---|--- 2024-07-27 04:54:54+00:00| seen| https://t.me/cvedetector/1739...

CVE-2024-6549 Admin Post Navigation <= 2.1 - Unauthenticated Full Path Disclosure

The Admin Post Navigation plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 2.1. This is due to the plugin utilizing bootstrap and leaving test files with displayerrors on. This makes it possible for unauthenticated attackers to retrieve the full pat...

CVE-2024-6549

CVE-2024-6549 (Admin Post Navigation, WordPress) enables unauthenticated full path disclosure in all versions up to 2.1 due to bootstrap usage and test files with display_errors enabled. This Information Exposure is not by itself destructive but can aid other attacks; exploitation requires anothe...

CVE-2024-6549 Admin Post Navigation <= 2.1 - Unauthenticated Full Path Disclosure

The Admin Post Navigation plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 2.1. This is due to the plugin utilizing bootstrap and leaving test files with displayerrors on. This makes it possible for unauthenticated attackers to retrieve the full pat...

CISA urges urgent patching of two actively exploited Citrix NetScaler vulnerabilities

The Cybersecurity and Infrastructure Security Agency CISA has added two Citrix NetScaler vulnerabilities to its Known Exploited Vulnerabilities catalog, and it has set the “due date” a week after they were added. Federal Civilian Executive Branch FCEB agencies are handed specific deadlines for wh...

Citrix Warns of Critical Netscaler Flaws Actively Exploited in Attacks – Urges Immediate Patching

Summary: Two zero-day security vulnerabilities, identified as CVE-2023-6548 and CVE-2023-6549, have been discovered in NetScaler ADC and NetScaler Gateway. These vulnerabilities are actively exploited in the wild. CVE-2023-6548 affects the NetScaler management interface, potentially leading to...

CVE-2023-6549

Improper Restriction of Operations within the Bounds of a Memory Buffer in NetScaler ADC and NetScaler Gateway allows Unauthenticated Denial of Service and Out-Of-Bounds Memory Read...

CVE-2023-6549

Improper Restriction of Operations within the Bounds of a Memory Buffer in NetScaler ADC and NetScaler Gateway allows Unauthenticated Denial of Service and Out-Of-Bounds Memory Read...

CVE-2023-6549

CVE-2023-6549 : A memory-buffer boundary violation in Citrix NetScaler ADC and NetScaler Gateway allows unauthenticated denial of service and an out-of-bounds memory read when the appliance is configured as a gateway or AAA virtual server. Affected versions include NetScaler ADC/Gateway 14.1 befo...

CVE-2023-6549

Improper Restriction of Operations within the Bounds of a Memory Buffer in NetScaler ADC and NetScaler Gateway allows Unauthenticated Denial of Service and Out-Of-Bounds Memory Read...

CVE-2023-6549

creationtimestamp| type| source ---|---|--- 2024-01-17 04:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=1203 2024-01-17 06:30:38+00:00| exploited| https://t.me/thehackernews/4412 2024-01-17 08:47:54+00:00| seen| https://t.me/CyberSecurityIL/36628 2024-01-17 10:06:28+00:00|...

Ubuntu 20.04 LTS : Linux kernel vulnerabilities (USN-6549-5)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6549-5 advisory. It was discovered that the USB subsystem in the Linux kernel contained a race condition while handling device descriptors in certain situations, leading ...

Ubuntu: Security Advisory (USN-6549-4)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel (Low Latency) vulnerabilities (USN-6549-3)

The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6549-3 advisory. It was discovered that the USB subsystem in the Linux kernel contained a race condition while handling device descriptors in certain...

Ubuntu: Security Advisory (USN-6549-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-6549-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6549-1 advisory. It was discovered that the USB subsystem in the Linux kernel contained a race condition while handling device descriptors in certain...