1706 matches found
Citrix ADC and Citrix NetScaler Gateway - Remote Code Injection
Citrix ADC and NetScaler Gateway are susceptible to remote code injection. An attacker can potentially execute malware, obtain sensitive information, modify data, and/or gain full control over a compromised system without entering necessary credentials. Affected versions are before 13.0-58.30,...
NetScaler Console - Sensitive Information Disclosure
Sensitive information disclosure in NetScaler Console id: CVE-2024-6235 info: name: NetScaler Console - Sensitive Information Disclosure author: DhiyaneshDk severity: critical description: | Sensitive information disclosure in NetScaler Console impact: | Attackers can access sensitive information...
Citrix Netscaler ADC & Gateway - Out-Of-Bounds Memory Read
The vulnerability would enable an attacker to remotely obtain sensitive information from a NetScaler appliance configured as a Gateway or AAA virtual server via a very commonly connected Web interface, and without requiring authentication. This bug is nearly identical to the Citrix Bleed...
Citrix Patches Six NetScaler Flaws Allowing File Read and Denial-of-Service
Citrix on Tuesday released security updates to address multiple flaws in NetScaler ADC formerly Citrix ADC and NetScaler Gateway formerly Citrix Gateway that could be exploited by an attacker to facilitate arbitrary file reads or trigger a denial-of-service DoS condition. The vulnerabilities are...
Citrix NetScaler Memory Disclosure - CitrixBleed 2
Insufficient input validation leading to memory overread on the NetScaler Management Interface NetScaler ADC and NetScaler Gateway id: CVE-2025-5777 info: name: Citrix NetScaler Memory Disclosure - CitrixBleed 2 author: watchtowr,DhiyaneshDk,darses severity: critical description: | Insufficient...
Vulnerabilities in Citrix Netscaler ADC and Netscaler Gateway
Citrix has identified vulnerabilities in NetScaler ADC and NetScaler Gateway that are related to inadequate input validation, incorrect access control, and improper memory release. The vulnerabilities, identified as CVE-2026-8451 and CVE-2026-10817, arise from inadequate input validation, where t...
CVE-2026-8655
Multiple Memory overflow vulnerabilities in NetScaler ADC and NetScaler Gateway leading to unpredictable or erroneous behavior and Denial of Service if NetScaler ADC is configured as an LB of type Oracle OR NetScaler ADC is configured as a DNS Proxy OR NetScaler ADC is configured as a DNS recursi...
CVE-2026-8451
Insufficient input validation in NetScaler ADC and NetScaler Gateway leading to memory overread if NetScaler ADC or NetScaler Gateway is configured as a SAML IDP...
CVE-2026-8452
Memory overflow vulnerability NetScaler ADC and NetScaler Gateway leading to unpredictable or erroneous behavior and Denial of Service if the appliance is configured as a Gateway SSL VPN, ICA Proxy, CVPN, RDP Proxy or AAA virtual server...
CVE-2026-13474
Denial of service via malformed HTTP/2 requests in NetScaler ADC and NetScaler Gateway if HTTP/2 is enabled in HTTP Profile and associated with the virtual server of type LB, CS, VPN or the service configured on NetScaler...
CVE-2026-10817
Insufficient input validation leading to memory overread in NetScaler ADC and NetScaler Gateway if the TCP TimeStamp is enabled in TCP Profile and is associated with the virtual server of type LB, CS, VPN or the service configured on NetScaler...
CVE-2026-10816
Arbitrary File Read Unauthenticated in NetScaler ADC and NetScaler Gateway if the access to NSIP, Cluster Management IP or SNIP with management access is enabled...
CVE-2026-13474
The CVE-2026-13474 vulnerability affects NetScaler ADC and NetScaler Gateway when HTTP/2 is enabled in an HTTP Profile and tied to a virtual server (LB, CS, VPN) or its service. It allows denial of service via malformed HTTP/2 requests, impacting availability. CVSS v4.0 base score 8.7 (HIGH) with...
EUVD-2026-40320
Denial of service via malformed HTTP/2 requests in NetScaler ADC and NetScaler Gateway if HTTP/2 is enabled in HTTP Profile and associated with the virtual server of type LB, CS, VPN or the service configured on NetScaler...
EUVD-2026-40317
Insufficient input validation leading to memory overread in NetScaler ADC and NetScaler Gateway if the TCP TimeStamp is enabled in TCP Profile and is associated with the virtual server of type LB, CS, VPN or the service configured on NetScaler...
CVE-2026-10817
CVE-2026-10817 is an “insufficient input validation leading to memory overread” affecting Citrix NetScaler ADC and NetScaler Gateway when TCP TimeStamp is enabled in the TCP profile and attached to a virtual server (LB, CS, VPN) or the service. Public sources consistently describe the root cause ...
CVE-2026-10816
CVE-2026-10816 affects NetScaler ADC and NetScaler Gateway. The issue is an Arbitrary File Read that is unauthenticated when access to NSIP, Cluster Management IP or SNIP with management access is enabled. According to the sources, the vulnerability allows read access to files, impacting confiden...
CVE-2026-8655 Multiple Memory overflow vulnerabilities leading to unpredictable or erroneous behavior and Denial of Service
Multiple Memory overflow vulnerabilities in NetScaler ADC and NetScaler Gateway leading to unpredictable or erroneous behavior and Denial of Service if NetScaler ADC is configured as an LB of type Oracle OR NetScaler ADC is configured as a DNS Proxy OR NetScaler ADC is configured as a DNS recursi...
EUVD-2026-40308
Multiple Memory overflow vulnerabilities in NetScaler ADC and NetScaler Gateway leading to unpredictable or erroneous behavior and Denial of Service if NetScaler ADC is configured as an LB of type Oracle OR NetScaler ADC is configured as a DNS Proxy OR NetScaler ADC is configured as a DNS recursi...
CVE-2026-8655
CVE-2026-8655 corresponds to multiple memory overflow vulnerabilities in NetScaler ADC and NetScaler Gateway that can cause unpredictable behavior and DoS when the appliance is used as an Oracle load balancer, a DNS Proxy, or a DNS recursive resolver. The NVD/NIST entry and multiple security advi...