CVE List – Find High-Risk & Exploited Vulnerabilities

Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.

Assigner (CNA / source):[email protected] Remove this filter

Showing 2140 of 64 results
CVE Description Max CVSS EPSS % Published Updated
CVE-2024-2049 Server-Side Request Forgery (SSRF) in Citrix SD-WAN Standard/Premium Editions on or after 11.4.0 and before 11.4.4.46 allows an attacker to disclose limited information from the appliance via Access to management IP. 6.5 0.37% 2024-03-12 2026-06-17
CVE-2022-27509 Unauthenticated redirection to a malicious website 6.1 0.38% 2022-07-28 2026-06-17
CVE-2024-6286 Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges in Citrix Workspace app for Windows 8.5 0.39% 2024-07-10 2026-06-17
CVE-2024-6148 Bypass of GACS Policy Configuration settings in Citrix Workspace app for HTML5 5.3 0.40% 2024-07-10 2026-06-17
CVE-2024-8535 Authenticated user can access unintended user capabilities in NetScaler ADC and NetScaler Gateway if the appliance must be configured as a Gateway (SSL VPN, ICA Proxy, CVPN, RDP Proxy) with KCDAccount configuration for Kerberos SSO to access backend resources OR the appliance must be configured as an Auth Server (AAA Vserver) with KCDAccount configuration for Kerberos SSO to access backend resources 5.8 0.42% 2024-11-12 2026-06-17
CVE-2022-27503 Cross-site Scripting (XSS) vulnerability in Citrix StoreFront affects version 1912 before CU5 and version 3.12 before CU9 6.1 0.45% 2022-04-13 2026-06-17
CVE-2022-27505 Reflected cross site scripting (XSS) 6.1 0.50% 2022-04-13 2026-06-17
CVE-2024-8534 Memory safety vulnerability leading to memory corruption and Denial of Service in NetScaler ADC and Gateway if the appliance must be configured as a Gateway (VPN Vserver) with RDP Feature enabled OR the appliance must be configured as a Gateway (VPN Vserver) and RDP Proxy Server Profile is created and set to Gateway (VPN Vserver) OR the appliance must be configured as a Auth Server (AAA Vserver) with RDP Feature enabled 8.4 0.56% 2024-11-12 2026-06-17
CVE-2024-5492 Open redirect vulnerability allows a remote unauthenticated attacker to redirect users to arbitrary websites in NetScaler ADC and NetScaler Gateway 5.1 0.57% 2024-07-10 2026-06-17
CVE-2022-27516 User login brute force protection functionality bypass 5.3 0.60% 2022-11-08 2026-06-17
CVE-2022-27506 Hard-coded credentials allow administrators to access the shell via the SD-WAN CLI 2.7 0.61% 2022-04-13 2026-06-17
CVE-2024-6236 Denial of Service in NetScaler Console (formerly NetScaler ADM), NetScaler Agent, and NetScaler SDX 7.1 0.74% 2024-07-10 2026-06-17
CVE-2024-5491 Denial of Service in NetScaler ADC and NetScaler Gateway in NetScaler 7.2 0.76% 2024-07-10 2026-06-17
CVE-2023-24492 A vulnerability has been discovered in the Citrix Secure Access client for Ubuntu which, if exploited, could allow an attacker to remotely execute code if a victim user opens an attacker-crafted link and accepts further prompts. 9.6 0.82% 2023-07-11 2026-06-17
CVE-2023-4967 Denial of Service in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA Virtual Server 8.2 0.88% 2023-10-27 2026-06-17
CVE-2022-27512 Temporary disruption of the ADM license service. The impact of this includes preventing new licenses from being issued or renewed by Citrix ADM. 5.3 0.88% 2022-06-16 2026-06-17
CVE-2022-27507 Authenticated denial of service 6.5 0.98% 2023-01-26 2026-06-17
CVE-2022-27508 Unauthenticated denial of service 7.5 1.01% 2023-01-26 2026-06-17
CVE-2023-24487 Arbitrary file read in Citrix ADC and Citrix Gateway  6.3 1.07% 2023-07-10 2026-06-17
CVE-2022-27510 Unauthorized access to Gateway user capabilities 9.8 1.18% 2022-11-08 2026-06-17
cvelogic Threat Intelligence