citrix gateway

60 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2026-22771
< 1.5.7
Envoy Gateway is an open source project for managing Envoy Proxy as a standalone or Kubernetes-based application gateway. Prior to
8.8 HIGH
CVE-2025-25294
< 1.2.7
Envoy Gateway is an open source project for managing Envoy Proxy as a standalone or Kubernetes-based application gateway. In all E
5.3 MEDIUM
CVE-2025-24030
< 1.2.6
Envoy Gateway is an open source project for managing Envoy Proxy as a standalone or Kubernetes-based application gateway. A user w
7.1 HIGH
CVE-2023-24488
>= 12.1 and < 12.1-65.35
Cross site scripting vulnerability in Citrix ADC and Citrix Gateway allows an attacker to perform cross site scripting
6.1 MEDIUM
CVE-2023-24487
>= 12.1 and < 12.1-65.35
Arbitrary file read in Citrix ADC and Citrix Gateway
6.3 MEDIUM
CVE-2022-27508
all versions
Unauthenticated denial of service
7.5 HIGH
CVE-2022-27507
>= 12.1 and < 12.1-64.17
Authenticated denial of service
6.5 MEDIUM
CVE-2019-18177
< 13.0-58.30
In certain Citrix products, information disclosure can be achieved by an authenticated VPN user when there is a configured SSL VPN
6.5 MEDIUM
CVE-2022-27516
>= 12.1 and < 12.1-65.21
User login brute force protection functionality bypass
5.3 MEDIUM
CVE-2022-27513
>= 12.1 and < 12.1-65.21
Remote desktop takeover via phishing
8.3 HIGH
CVE-2022-27510
>= 12.1 and < 12.1-65.21
Unauthorized access to Gateway user capabilities
9.8 CRITICAL
CVE-2022-38368
< 6.6.5712
An issue was discovered in Aviatrix Gateway before 6.6.5712 and 6.7.x before 6.7.1376. Because Gateway API functions mishandle aut
8.8 HIGH
CVE-2022-27509
>= 12.1 and < 12.1-65.15
Unauthenticated redirection to a malicious website
6.1 MEDIUM
CVE-2022-30792
< 3.5.18.20
In CmpChannelServer of CODESYS V3 in multiple versions an uncontrolled resource consumption allows an unauthorized attacker to bl
7.5 HIGH
CVE-2022-30791
< 3.5.18.20
In CmpBlkDrvTcp of CODESYS V3 in multiple versions an uncontrolled resource consumption allows an unauthorized attacker to block
7.5 HIGH
CVE-2022-31805
< 2.3.9.38
In the CODESYS Development System multiple components in multiple versions transmit the passwords for the communication between cl
7.5 HIGH
CVE-2022-31804
>= 2.0 and < 2.3.9.38
The CODESYS Gateway Server V2 does not verify that the size of a request is within expected limits. An unauthenticated attacker m
7.5 HIGH
CVE-2022-31803
>= 2.0 and < 2.3.9.38
In CODESYS Gateway Server V2 an insufficient check for the activity of TCP client connections allows an unauthenticated attacker t
5.3 MEDIUM
CVE-2022-31802
>= 2.0 and < 2.3.9.38
In CODESYS Gateway Server V2 for versions prior to V2.3.9.38 only a part of the specified password is being compared to the rea
9.8 CRITICAL
CVE-2022-22517
< 3.5.18.0
An unauthenticated, remote attacker can disrupt existing communication channels between CODESYS products by guessing a valid chann
7.5 HIGH
CVE-2022-22514
< 3.5.18.0
An authenticated, remote attacker can gain access to a dereferenced pointer contained in a request. The accesses can subsequently
7.1 HIGH
CVE-2022-22513
< 3.5.18.0
An authenticated remote attacker can cause a null pointer dereference in the CmpSettings component of the affected CODESYS product
6.5 MEDIUM
CVE-2021-22956
< 11.1-65.23
An uncontrolled resource consumption vulnerability exists in Citrix ADC <13.0-83.27, <12.1-63.22 and 11.1-65.23 that could allow a
7.5 HIGH
CVE-2021-22955
< 11.1-65.23
An unauthenticated denial of service vulnerability exists in Citrix ADC <13.0-83.27, <12.1-63.22 and 11.1-65.23 when configured as
7.5 HIGH
CVE-2021-22927
>= 12.1 and < 12.1-62.27
A session fixation vulnerability exists in Citrix ADC and Citrix Gateway 13.0-82.45 when configured SAML service provider that cou
8.1 HIGH
CVE-2021-22920
all versions
A vulnerability has been discovered in Citrix ADC (formerly known as NetScaler ADC) and Citrix Gateway (formerly known as NetScale
6.5 MEDIUM
CVE-2021-22919
>= 12.1 and < 12.1-62.27
A vulnerability has been discovered in Citrix ADC (formerly known as NetScaler ADC) and Citrix Gateway (formerly known as NetScale
7.5 HIGH
CVE-2021-36764
>= 3.0 and < 3.5.17.10
In CODESYS Gateway V3 before 3.5.17.10, there is a NULL Pointer Dereference. Crafted communication requests may cause a Null point
7.5 HIGH
CVE-2020-8300
>= 12.1 and < 12.1-62.23
Citrix ADC and Citrix/NetScaler Gateway before 13.0-82.41, 12.1-62.23, 11.1-65.20 and Citrix ADC 12.1-FIPS before 12.1-55.238 suff
6.5 MEDIUM
CVE-2020-8299
>= 12.1 and < 12.1-61.18
Citrix ADC and Citrix/NetScaler Gateway 13.0 before 13.0-76.29, 12.1-61.18, 11.1-65.20, Citrix ADC 12.1-FIPS before 12.1-55.238, a
6.5 MEDIUM
CVE-2021-29242
>= 3.0 and < 3.5.17.0
CODESYS Control Runtime system before 3.5.17.0 has improper input validation. Attackers can send crafted communication packets to
7.3 HIGH
CVE-2021-29241
>= 3.0 and < 3.5.16.70
CODESYS Gateway 3 before 3.5.16.70 has a NULL pointer dereference that may result in a denial of service (DoS).
7.5 HIGH
CVE-2020-8247
>= 11.1 and < 11.1-65.12
Citrix ADC and Citrix Gateway 13.0 before 13.0-64.35, Citrix ADC and NetScaler Gateway 12.1 before 12.1-58.15, Citrix ADC 12.1-FIP
8.8 HIGH
CVE-2020-8246
>= 11.1 and < 11.1-65.12
Citrix ADC and Citrix Gateway 13.0 before 13.0-64.35, Citrix ADC and NetScaler Gateway 12.1 before 12.1-58.15, Citrix ADC 12.1-FIP
7.5 HIGH
CVE-2020-8245
>= 11.1 and < 11.1-65.12
Improper Input Validation on Citrix ADC and Citrix Gateway 13.0 before 13.0-64.35, Citrix ADC and NetScaler Gateway 12.1 before 12
6.1 MEDIUM
CVE-2020-12714
>= 1.0.1 and <= 4.7.1-0
An issue was discovered in CipherMail Community Gateway Virtual Appliances and Professional/Enterprise Gateway Virtual Appliances
5.9 MEDIUM
CVE-2020-12713
>= 1.0.1 and <= 4.7.1-0
An issue was discovered in CipherMail Community Gateway and Professional/Enterprise Gateway 1.0.1 through 4.7.1-0 and CipherMail W
7.2 HIGH
CVE-2020-13417
< 5.3
An Elevation of Privilege issue was discovered in Aviatrix VPN Client before 2.10.7, because of an incomplete fix for CVE-2020-722
9.8 CRITICAL
CVE-2020-13414
< 5.4.1204
An issue was discovered in Aviatrix Controller before 5.4.1204. It contains credentials unused by the software.
7.5 HIGH
CVE-2020-7052
>= 3.5.15.10 and < 3.5.15.30
CODESYS Control V3, Gateway V3, and HMI V3 before 3.5.15.30 allow uncontrolled memory allocation which can result in a remote deni
6.5 MEDIUM
CVE-2019-9009
< 3.5.15.0
An issue was discovered in 3S-Smart CODESYS before 3.5.15.0. Crafted network packets cause the Control Runtime to crash.
7.5 HIGH
CVE-2019-9012
>= 3.0 and < 3.5.14.20
An issue was discovered in 3S-Smart CODESYS V3 products. A crafted communication request may cause uncontrolled memory allocations
7.5 HIGH
CVE-2019-9010
>= 3.0 and < 3.5.14.20
An issue was discovered in 3S-Smart CODESYS V3 products. The CODESYS Gateway does not correctly verify the ownership of a communic
9.8 CRITICAL
CVE-2018-20026
>= 3.0 and < 3.5.14.0
Improper Communication Address Filtering exists in CODESYS V3 products versions prior to V3.5.14.0.
7.5 HIGH
CVE-2018-20025
>= 3.0 and < 3.5.14.0
Use of Insufficiently Random Values exists in CODESYS V3 products versions prior to V3.5.14.0.
7.5 HIGH
CVE-2012-1461
all versions
The Gzip file parser in AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Command Antivirus 5.2.11.5, Emsisoft Anti-Malware 5.1.0.1, F-
CVE-2012-1459
all versions
The TAR file parser in AhnLab V3 Internet Security 2011.01.18.00, Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Ant
CVE-2012-1457
all versions
The TAR file parser in Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-V
CVE-2012-1456
all versions
The TAR file parser in AVG Anti-Virus 10.0.0.1190, Quick Heal (aka Cat QuickHeal) 11.00, Comodo Antivirus 7424, Emsisoft Anti-Malw
CVE-2012-1454
all versions
The ELF file parser in Dr.Web 5.0.2.03300, eSafe 7.0.17.0, McAfee Gateway (formerly Webwasher) 2010.1C, Rising Antivirus 22.83.00.
CVE-2012-1453
all versions
The CAB file parser in Dr.Web 5.0.2.03300, Trend Micro HouseCall 9.120.0.1004, Kaspersky Anti-Virus 7.0.0.125, Sophos Anti-Virus 4
CVE-2012-1446
all versions
The ELF file parser in Quick Heal (aka Cat QuickHeal) 11.00, McAfee Anti-Virus Scanning Engine 5.400.0.1158, AVEngine 20101.3.0.10
CVE-2012-1443
all versions
The RAR file parser in ClamAV 0.96.4, Rising Antivirus 22.83.00.03, Quick Heal (aka Cat QuickHeal) 11.00, G Data AntiVirus 21, AVE
CVE-2012-1442
all versions
The ELF file parser in Quick Heal (aka Cat QuickHeal) 11.00, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (forme
CVE-2012-1431
all versions
The ELF file parser in Bitdefender 7.2, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.
CVE-2012-1430
all versions
The ELF file parser in Bitdefender 7.2, Comodo Antivirus 7424, eSafe 7.0.17.0, F-Secure Anti-Virus 9.0.16160.0, McAfee Anti-Virus
CVE-2012-1429
all versions
The ELF file parser in Bitdefender 7.2, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, F-Secure Anti-Virus
CVE-2012-1425
all versions
The TAR file parser in Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, Quick Heal (aka Cat QuickHeal) 11.00, Emsisoft Anti-M
CVE-2008-0221
all versions
Directory traversal vulnerability in the WebLaunch.WeblaunchCtl.1 (aka CWebLaunchCtl) ActiveX control in weblaunch.ocx 1.0.0.1 in
CVE-2008-0220
all versions
Multiple stack-based buffer overflows in the WebLaunch.WeblaunchCtl.1 (aka CWebLaunchCtl) ActiveX control in weblaunch.ocx 1.0.0.1
threatengine.sh  ·  Open-source threat intelligence platform  ·  100+ authoritative sources  ·  Every fact traces to its origin