CVE-2025-5777

Critical Citrix Bleed 2 flaw now likely exploited in attacks - "While no public exploitation of CVE-2025-5777, dubbed "Citrix Bleed 2," has been reported, ReliaQuest assesses with medium confidence that attackers are actively exploiting this vulnerability to gain initial access to targeted environments," warns ...
1 week ago Bleepingcomputer.com CVE-2025-5777

Citrix Bleed 2 flaw now believed to be exploited in attacks - "While no public exploitation of CVE-2025-5777, dubbed "Citrix Bleed 2," has been reported, ReliaQuest assesses with medium confidence that attackers are actively exploiting this vulnerability to gain initial access to targeted environments," warns ...
1 week ago Bleepingcomputer.com CVE-2025-5777

Over 1,200 Citrix servers unpatched against critical auth bypass flaw - While Citrix has yet to confirm that this security flaw is being exploited in the wild, saying that "currently, there is no evidence to suggest exploitation of CVE-2025-5777," cybersecurity firm ReliaQuest reported on Thursday with medium confidence ...
1 week ago Bleepingcomputer.com CVE-2025-5777

Public exploits released for CitrixBleed 2 NetScaler flaw, patch now - Researchers have released proof-of-concept (PoC) exploits for a critical Citrix NetScaler vulnerability, tracked as CVE-2025-5777 and dubbed CitrixBleed2, warning that the flaw is easily exploitable and can successfully steal user session ...
12 hours ago Bleepingcomputer.com CVE-2025-5777

Citrix warns of login issues after NetScaler auth bypass patch - The first of the two security flaws (tracked as CVE-2025-5777 and dubbed Citrix Bleed 2) enables threat actors to bypass authentication by hijacking user sessions, while the second (CVE-2025-6543) is now actively exploited in denial-of-service ...
5 days ago Bleepingcomputer.com CVE-2025-5777

CISA Releases Thirteen Industrial Control Systems Focusing Vulnerabilities & Exploits - An improper output neutralization for logs vulnerability CVE-2024-5594 in Siemens SINEMA Remote Connect Server.  It allows a malicious OpenVPN peer to send garbage to the OpenVPN log or cause high CPU load. The advisory includes missing ...
3 months ago Cybersecuritynews.com CVE-2024-5594

"CitrixBleed 2" Vulnerability PoC Released - Warns of Potential Widespread Exploitation - A new critical vulnerability in Citrix NetScaler devices has security experts warning of potential widespread exploitation, drawing alarming parallels to the devastating “CitrixBleed” attacks that plagued organizations in 2023. The ...
2 days ago Cybersecuritynews.com CVE-2025-5777

CVE-2025-21867 - In the Linux kernel, the following vulnerability has been resolved: ...
3 months ago

CVE-2025-5777 - Insufficient input validation leading to memory overread when the NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server ...
2 weeks ago CVE-2025-5777 CVE-2023-4966 CVE-2025-6543

2100+ Citrix Servers Vulnerable to Actively Exploited Bypass Authentication Vulnerability - Over 2,100 vulnerable Citrix NetScaler servers remain exposed to active exploitation, despite patches being available for critical vulnerabilities that allow attackers to bypass authentication mechanisms and steal session tokens. ReliaQuest ...
1 week ago Cybersecuritynews.com CVE-2025-5777

CVE-2024-5777 - Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. ...
1 year ago Tenable.com

CVE-2015-5778 - CoreMedia Playback in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file, a different vulnerability than ...
8 years ago

CVE-2015-5777 - CoreMedia Playback in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file, a different vulnerability than ...
8 years ago

CVE-2013-5777 - Unspecified vulnerability in the Java SE and JavaFX components in Oracle Java SE 7u40 and earlier and JavaFX 2.2.40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different ...
3 years ago

CVE-2013-5775 - Unspecified vulnerability in the Java SE and JavaFX components in Oracle Java SE 7u40 and earlier and JavaFX 2.2.40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different ...
3 years ago

CVE-2012-5777 - Eval injection vulnerability in the ReplaceListVars function in the template parser in e/class/connect.php in EmpireCMS 6.6 allows user-assisted remote attackers to execute arbitrary PHP code via a crafted template. ...
7 years ago

CVE-2008-5777 - SQL injection vulnerability in index.php in CadeNix allows remote attackers to execute arbitrary SQL commands via the cid parameter. ...
7 years ago

CVE-2007-5777 - Blue-Collar Productions i-Gallery 3.4 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a file containing a base64-encoded password via a direct request for igallery.mdb. ...
6 years ago

CVE-2018-5777 - An issue was discovered in Ipswitch WhatsUp Gold before 2017 Plus SP1 (17.1.1). Remote clients can take advantage of a misconfiguration in the TFTP server that could allow attackers to execute arbitrary commands on the TFTP server via unspecified ...
5 years ago

CVE-2020-5777 - MAGMI versions prior to 0.7.24 are vulnerable to a remote authentication bypass due to allowing default credentials in the event there is a database connection failure. A remote attacker can trigger this connection failure if the Mysql setting ...
4 years ago

CVE-2019-5777 - Incorrect handling of a confusable character in Omnibox in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name. ...
3 years ago

CVE-2017-5777 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none ...
55 years ago Tenable.com

CVE-2006-5777 - Creasito E-Commerce Content Manager 1.3.08 allows remote attackers to bypass authentication and perform privileged functions via a non-empty finame parameter to (1) addnewcont.php, (2) adminpassw.php, (3) amministrazione.php, (4) artins.php, (5) ...
7 years ago

CVE-2023-5777 - ...
5 months ago

CVE-2014-5777 - The icon wallpaper dressup-CocoPPa (aka jp.united.app.cocoppa) application 2.8.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted ...
10 years ago