Every CVE whose affected-product data names Citrix Netscaler, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (10)
CVE-2016-2071 — CVSS 9.8 (critical): Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 11.x before 11.0 Build 64.34, 10.5 before 10.5 Build 59.13…
CVE-2018-6186 — CVSS 8.8 (high): Citrix NetScaler VPX through NS12.0 53.13.nc allows an SSRF attack via the /rapi/read_url URI by an authenticated attacker who has a webapp…
CVE-2015-2838 — CVSS 6.8 (medium): Cross-site request forgery (CSRF) vulnerability in Nitro API in Citrix NetScaler before 10.5 build 52.3nc allows remote attackers to hijack…
CVE-2016-2072 — CVSS 6.1 (medium): The Administrative Web Interface in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 11.x before 11.0 Build…
CVE-2015-2841 — CVSS 5.0 (medium): Citrix NetScaler AppFirewall, as used in NetScaler 10.5, allows remote attackers to bypass intended firewall restrictions via a crafted…
CVE-2007-6193 — CVSS 5.0 (medium): The web management interface in Citrix NetScaler 8.0 build 47.8 stores the device's primary IP address in a cookie, which might allow…
CVE-2015-2840 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in help/rt/large_search.html in Citrix NetScaler before 10.5 build 52.3nc allows remote attackers…
CVE-2007-6192 — CVSS 4.3 (medium): The web management interface in Citrix NetScaler 8.0 build 47.8 uses weak encryption (XOR of unpadded data) to store credentials within a…
CVE-2015-2839 — CVSS 4.3 (medium): The Nitro API in Citrix NetScaler before 10.5 build 52.3nc uses an incorrect Content-Type when returning an error message, which allows…
CVE-2007-6037 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in ws/generic_api_call.pl in Citrix NetScaler 8.0 build 47.8 allows remote attackers to inject…