CVE-2026-3055

>= 13.1 and < 13.1-62.23

Insufficient input validation in NetScaler ADC and NetScaler Gateway when configured as a SAML IDP leading to memory overread

9.8CRITICAL

CVE-2025-7776

>= 13.1 and < 13.1-59.22

Memory overflow vulnerability leading to unpredictable or erroneous behavior and Denial of Service in NetScaler ADC and NetScale

9.8CRITICAL

CVE-2025-7775

>= 13.1 and < 13.1-59.22

Memory overflow vulnerability leading to Remote Code Execution and/or Denial of Service in NetScaler ADC and NetScaler Gateway whe

9.8CRITICAL

CVE-2025-6543

>= 13.1 and < 13.1-59.19

Memory overflow vulnerability leading to unintended control flow and Denial of Service in NetScaler ADC and NetScaler Gateway when

9.8CRITICAL

CVE-2025-5777

>= 13.1 and < 13.1-58.32

Insufficient input validation leading to memory overread when the NetScaler is configured as a Gateway (VPN virtual server, ICA P

7.5HIGH

CVE-2025-5349

>= 13.1 and < 13.1-58.32

Improper access control on the NetScaler Management Interface in NetScaler ADC and NetScaler Gateway

8.8HIGH

CVE-2024-8535

>= 12.1 and < 13.1-55.34

Authenticated user can access unintended user capabilities in NetScaler ADC and NetScaler Gateway if the appliance must be confi

8.1HIGH

CVE-2024-8534

>= 12.1 and < 13.1-55.34

Memory safety vulnerability leading to memory corruption and Denial of Service in NetScaler ADC and Gateway if the appliance must

8.1HIGH

CVE-2024-5492

>= 12.1 and < 13.0-92.31

Open redirect vulnerability allows a remote unauthenticated attacker to redirect users to arbitrary websites in NetScaler ADC and

6.1MEDIUM

CVE-2024-5491

>= 12.1 and < 13.0-92.31

Denial of Service in NetScaler ADC and NetScaler Gateway in NetScaler

7.5HIGH

CVE-2023-6549

>= 13.0 and < 13.0-92.21

Improper Restriction of Operations within the Bounds of a Memory Buffer in NetScaler ADC and NetScaler Gateway allows Unauthentica

8.2HIGH

CVE-2023-6548

>= 13.0 and < 13.0-92.21

Improper Control of Generation of Code ('Code Injection') in NetScaler ADC and NetScaler Gateway allows an attacker with accessÂ

5.5MEDIUM

CVE-2023-4967

>= 13.0 and < 13.0-92.19

Denial of Service in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Pr

8.2HIGH

CVE-2023-4966

>= 13.0 and < 13.0-92.19

Sensitive information disclosure in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Pr

9.4CRITICAL

CVE-2023-3467

>= 13.0 and < 13.0-91.13

Privilege Escalation to root administrator (nsroot)

8.0HIGH

CVE-2023-3466

>= 13.0 and < 13.0-91.13

Reflected Cross-Site Scripting (XSS)

8.3HIGH

CVE-2023-3519

>= 13.0 and < 13.0-91.13

Unauthenticated remote code execution

9.8CRITICAL

CVE-2018-5314

all versions

Command injection vulnerability in Citrix NetScaler ADC and NetScaler Gateway 11.0 before build 70.16, 11.1 before build 55.13, an

7.5HIGH

CVE-2015-3642

all versions

The TLS and DTLS processing functionality in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway devices

5.9MEDIUM

CVE-2014-4347

all versions

Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway (formerly Access Gateway Enterprise Edition) before 9

CVE-2014-4346

all versions

Cross-site scripting (XSS) vulnerability in administration user interface in Citrix NetScaler Application Delivery Controller (ADC

CVE-2014-2882

all versions

Unspecified vulnerability in the management GUI in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway be

CVE-2014-2881

all versions

Unspecified vulnerability in the Diffie-Hellman key agreement implementation in the management GUI Java applet in Citrix NetScaler

CVE-2013-6011

all versions

Citrix NetScaler Application Delivery Controller (ADC) 10.0 before 10.0-76.7 allows remote attackers to cause a denial of service