5425 matches found
CVE-2019-11345
Citrix SD-WAN Center 10.2.x before 10.2.1 and NetScaler SD-WAN Center 10.0.x before 10.0.7 allow XSS...
CVE-2020-7473
In certain situations, all versions of Citrix ShareFile StorageZones aka storage zones Controller, including the most recent 5.10.x releases as of May 2020, allow unauthenticated attackers to access the documents and folders of ShareFile users. NOTE: unlike most CVEs, exploitability depends on th...
CVE-2020-10112
Citrix Gateway 11.1, 12.0, and 12.1 allows Cache Poisoning. NOTE: Citrix disputes this as not a vulnerability. By default, Citrix ADC only caches static content served under certain URL paths for Citrix Gateway usage. No dynamic content is served under these paths, which implies that those cached...
CVE-2013-6011
Citrix NetScaler Application Delivery Controller ADC 10.0 before 10.0-76.7 allows remote attackers to cause a denial of service nsconfigd crash and appliance reboot via a crafted request...
CVE-2013-6077
Citrix XenDesktop 7.0, when upgraded from XenDesktop 5.x, does not properly enforce policy rule permissions, which allows remote attackers to bypass intended restrictions...
CVE-2019-12992
Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation issue 6 of 6...
CVE-2019-12985
Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation issue 1 of 6...
CVE-2019-12989
Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 allow SQL Injection...
CVE-2019-12990
Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 allow Directory Traversal...
CVE-2019-12986
Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation issue 2 of 6...
CVE-2019-12991
Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation issue 5 of 6...
CVE-2019-12292
Citrix AppDNA before 7 1906.1.0.472 has Incorrect Access Control...
CVE-2025-1223
An attacker can gain application privileges in order to perform limited modification and/or read arbitrary data in Citrix Secure Access Client for Mac...
vpn_exploitation_tool
AD + Citrix VPN Data Harvester Modular Java tool for testing...
PT-2026-26014
Name of the Vulnerable Software and Affected Versions Citrix XenServer version 8.4 Description The Intel EPT paging code includes an optimization that defers flushing of cached EPT state until the p2m lock is released. However, the freeing of paging structures is not deferred, potentially leading...
Exploit for Improper Access Control in Citrix Sharefile_Storagezones_Controller
Vulnerability Details - CVE: CVE-2021-22941 - Severity...
📄 Citrix Bleed 2 PHP Mass Scanner
This is a high-speed mass-scanner written in PHP designed to test for data leakage through the CitrixBleed2 InitialValue extraction issue. The tool reproduces the functionality of the original Bash/Parallel scanner but works in restricted PHP environments...
Exploit for Use of Uninitialized Resource in Citrix Netscaler_Application_Delivery_Controller
CVE-2025-5777 Citrix NetScaler Memory Leak Exploit !WARNIN...
CVE-2025-12101
Cross-Site Scripting XSS in NetScaler ADC and NetScaler Gateway when the appliance is configured as a Gateway VPN virtual server, ICA Proxy, CVPN, RDP Proxy OR AAA virtual server...
Amazon Uncovers Attacks Exploited Cisco ISE and Citrix NetScaler as Zero-Day Flaws
Amazon's threat intelligence team on Wednesday disclosed that it observed an advanced threat actor exploiting two then-zero-day security flaws in Cisco Identity Service Engine ISE and Citrix NetScaler ADC products as part of attacks designed to deliver custom malware. "This discovery highlights t...