Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.
Assigner (CNA / source):[email protected] Remove this filter
| CVE | Description | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|
| CVE-2024-2049 | Server-Side Request Forgery (SSRF) in Citrix SD-WAN Standard/Premium Editions on or after 11.4.0 and before 11.4.4.46 allows an attacker to disclose limited information from the appliance via Access to management IP. | 6.5 | 0.37% | 2024-03-12 | 2026-06-17 |
| CVE-2022-27509 | Unauthenticated redirection to a malicious website | 6.1 | 0.38% | 2022-07-28 | 2026-06-17 |
| CVE-2024-6286 | Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges in Citrix Workspace app for Windows | 8.5 | 0.39% | 2024-07-10 | 2026-06-17 |
| CVE-2024-6148 | Bypass of GACS Policy Configuration settings in Citrix Workspace app for HTML5 | 5.3 | 0.40% | 2024-07-10 | 2026-06-17 |
| CVE-2024-8535 | Authenticated user can access unintended user capabilities in NetScaler ADC and NetScaler Gateway if the appliance must be configured as a Gateway (SSL VPN, ICA Proxy, CVPN, RDP Proxy) with KCDAccount configuration for Kerberos SSO to access backend resources OR the appliance must be configured as an Auth Server (AAA Vserver) with KCDAccount configuration for Kerberos SSO to access backend resources | 5.8 | 0.42% | 2024-11-12 | 2026-06-17 |
| CVE-2022-27503 | Cross-site Scripting (XSS) vulnerability in Citrix StoreFront affects version 1912 before CU5 and version 3.12 before CU9 | 6.1 | 0.45% | 2022-04-13 | 2026-06-17 |
| CVE-2022-27505 | Reflected cross site scripting (XSS) | 6.1 | 0.50% | 2022-04-13 | 2026-06-17 |
| CVE-2024-8534 | Memory safety vulnerability leading to memory corruption and Denial of Service in NetScaler ADC and Gateway if the appliance must be configured as a Gateway (VPN Vserver) with RDP Feature enabled OR the appliance must be configured as a Gateway (VPN Vserver) and RDP Proxy Server Profile is created and set to Gateway (VPN Vserver) OR the appliance must be configured as a Auth Server (AAA Vserver) with RDP Feature enabled | 8.4 | 0.56% | 2024-11-12 | 2026-06-17 |
| CVE-2024-5492 | Open redirect vulnerability allows a remote unauthenticated attacker to redirect users to arbitrary websites in NetScaler ADC and NetScaler Gateway | 5.1 | 0.57% | 2024-07-10 | 2026-06-17 |
| CVE-2022-27516 | User login brute force protection functionality bypass | 5.3 | 0.60% | 2022-11-08 | 2026-06-17 |
| CVE-2022-27506 | Hard-coded credentials allow administrators to access the shell via the SD-WAN CLI | 2.7 | 0.61% | 2022-04-13 | 2026-06-17 |
| CVE-2024-6236 | Denial of Service in NetScaler Console (formerly NetScaler ADM), NetScaler Agent, and NetScaler SDX | 7.1 | 0.74% | 2024-07-10 | 2026-06-17 |
| CVE-2024-5491 | Denial of Service in NetScaler ADC and NetScaler Gateway in NetScaler | 7.2 | 0.76% | 2024-07-10 | 2026-06-17 |
| CVE-2023-24492 | A vulnerability has been discovered in the Citrix Secure Access client for Ubuntu which, if exploited, could allow an attacker to remotely execute code if a victim user opens an attacker-crafted link and accepts further prompts. | 9.6 | 0.82% | 2023-07-11 | 2026-06-17 |
| CVE-2023-4967 | Denial of Service in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA Virtual Server | 8.2 | 0.88% | 2023-10-27 | 2026-06-17 |
| CVE-2022-27512 | Temporary disruption of the ADM license service. The impact of this includes preventing new licenses from being issued or renewed by Citrix ADM. | 5.3 | 0.88% | 2022-06-16 | 2026-06-17 |
| CVE-2022-27507 | Authenticated denial of service | 6.5 | 0.98% | 2023-01-26 | 2026-06-17 |
| CVE-2022-27508 | Unauthenticated denial of service | 7.5 | 1.01% | 2023-01-26 | 2026-06-17 |
| CVE-2023-24487 | Arbitrary file read in Citrix ADC and Citrix Gateway | 6.3 | 1.07% | 2023-07-10 | 2026-06-17 |
| CVE-2022-27510 | Unauthorized access to Gateway user capabilities | 9.8 | 1.18% | 2022-11-08 | 2026-06-17 |