Affected Products

Vendor / product matrix with CVE counts sourced from the CPE catalog.

Export CSV

Products

1 vendor
VendorProductsCVEsKEVAvg EPSSWorst Severity
citrix
31591163.4%CRITICAL

Related CVEs

59
CVE IDDescriptionSeverityCVSSKEVEPSSPublished
CVE-2026-3055Insufficient input validation in NetScaler ADC and NetScaler Gateway when configured as a SAML IDP leading to memory overreadCRITICAL9.3KEV99.7%Mar 23, 2026
CVE-2025-7776Memory overflow vulnerability leading to unpredictable or erroneous behavior and Denial of Service in NetScaler ADC and NetScaler Gateway when NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) with PCoIP Profile bounded to itHIGH8.893.0%Aug 26, 2025
CVE-2025-7775Memory overflow vulnerability leading to Remote Code Execution and/or Denial of Service in NetScaler ADC and NetScaler Gateway when NetScaler is configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server (OR) NetScaler ADC and NetScaler Gateway 13.1, 14.1, 13.1-FIPS and NDcPP: LB virtual servers of type (HTTP, SSL or HTTP_QUIC) bound with IPv6 services or servicegroups bound with IPv6 servers (OR) NetScaler ADC and NetScaler Gateway 13.1, 14.1, 13.1-FIPS and NDcPP: LB virtual servers of type (HTTP, SSL or HTTP_QUIC) bound with DBS IPv6 services or servicegroups bound with IPv6 DBS servers (OR) CR virtual server with type HDXCRITICAL9.2KEV96.9%Aug 26, 2025
CVE-2025-6759Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges in Windows Virtual Delivery Agent for CVAD and Citrix DaaSHIGH7.315.2%Jul 8, 2025
CVE-2025-6543Memory overflow vulnerability leading to unintended control flow and Denial of Service in NetScaler ADC and NetScaler Gateway when configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual serverCRITICAL9.2KEV94.9%Jun 25, 2025
CVE-2025-4879Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges in Citrix Workspace app for WindowsHIGH7.31.7%Jun 17, 2025
CVE-2025-0320Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges in Citrix Secure Access Client for WindowsHIGH8.62.6%Jun 17, 2025
CVE-2025-5777Insufficient input validation leading to memory overread when the NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual serverCRITICAL9.3KEV100.0%Jun 17, 2025
CVE-2025-5349Improper access control on the NetScaler Management Interface in NetScaler ADC and NetScaler GatewayHIGH8.788.2%Jun 17, 2025
CVE-2025-4365Arbitrary file read in NetScaler Console and NetScaler SDX (SVM)MEDIUM6.993.4%Jun 17, 2025
CVE-2025-1223An attacker can gain application privileges in order to perform limited modification and/or read arbitrary data in Citrix Secure Access Client for MacMEDIUM5.94.9%Feb 20, 2025
CVE-2025-1222An attacker can gain application privileges in order to perform limited modification and/or read arbitrary data in Citrix Secure Access Client for MacMEDIUM5.94.9%Feb 20, 2025
CVE-2024-12284Authenticated privilege escalation in NetScaler Console and NetScaler Agent allows.HIGH8.895.6%Feb 20, 2025
CVE-2024-8535Authenticated user can access unintended user capabilities in NetScaler ADC and NetScaler Gateway if the appliance must be configured as a Gateway (SSL VPN, ICA Proxy, CVPN, RDP Proxy) with KCDAccount configuration for Kerberos SSO to access backend resources OR the appliance must be configured as an Auth Server (AAA Vserver) with KCDAccount configuration for Kerberos SSO to access backend resourcesMEDIUM5.833.9%Nov 12, 2024
CVE-2024-8534Memory safety vulnerability leading to memory corruption and Denial of Service in NetScaler ADC and Gateway if the appliance must be configured as a Gateway (VPN Vserver) with RDP Feature enabled OR the appliance must be configured as a Gateway (VPN Vserver) and RDP Proxy Server Profile is created and set to Gateway (VPN Vserver) OR the appliance must be configured as a Auth Server (AAA Vserver) with RDP Feature enabledHIGH8.442.5%Nov 12, 2024
CVE-2024-8069Limited remote code execution with privilege of a NetworkService Account access in Citrix Session Recording if the attacker is an authenticated user on the same intranet as the session recording serverMEDIUM5.1KEV96.3%Nov 12, 2024
CVE-2024-8068Privilege escalation to NetworkService Account access in Citrix Session Recording when an attacker is an authenticated user in the same Windows Active Directory domain as the session recording server domainMEDIUM5.1KEV69.1%Nov 12, 2024
CVE-2024-7890Local privilege escalation allows a low-privileged user to gain SYSTEM privileges in Citrix Workspace app for WindowsMEDIUM5.47.5%Sep 11, 2024
CVE-2024-7889Local privilege escalation allows a low-privileged user to gain SYSTEM privileges in Citrix Workspace app for WindowsHIGH7.015.7%Sep 11, 2024
CVE-2024-42423Citrix Workspace App version 23.9.0.24.4 on Dell ThinOS 2311 contains an Incorrect Authorization vulnerability when Citrix CEB is enabled for WebLogin. A local unauthenticated user with low privileges may potentially exploit this vulnerability to bypass existing controls and perform unauthorized actions leading to information disclosure and tampering.HIGH7.14.9%Sep 10, 2024