Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
citrix receiver vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv2
CVE-2020-13885
Citrix Workspace App prior to 1912 on Windows has Insecure Permissions which allows local users to gain privileges during the uninstallation of the application.
Citrix Workspace App
1 Github repository
7.2
CVSSv2
CVE-2020-13884
Citrix Workspace App prior to 1912 on Windows has Insecure Permissions and an Unquoted Path vulnerability which allows local users to gain privileges during the uninstallation of the application.
Citrix Workspace App
1 Github repository
9.3
CVSSv2
CVE-2012-4603
Citrix XenApp Online Plug-in for Windows 12.1 and previous versions, and Citrix Receiver for Windows 3.2 and previous versions could allow remote malicious users to execute arbitrary code by convincing a target to open a specially crafted file from an SMB or WebDAV fileserver.
Citrix Receiver
Citrix Xenapp Online
7.7
CVSSv2
CVE-2019-18909
The VPN software within HP ThinPro does not safely handle user supplied input, which may be leveraged by an malicious user to inject commands that will execute with root privileges.
Hp Thinpro 6.2
Hp Thinpro 6.2.1
Hp Thinpro 7.0
Hp Thinpro 7.1
4.6
CVSSv2
CVE-2019-18910
The Citrix Receiver wrapper function does not safely handle user supplied input, which may be leveraged by an malicious user to inject commands that will execute with local user privileges.
Hp Thinpro 6.2
Hp Thinpro 6.2.1
Hp Thinpro 7.0
Hp Thinpro 7.1
7.5
CVSSv2
CVE-2019-11634
Citrix Workspace App prior to 1904 for Windows has Incorrect Access Control.
Citrix Receiver 4.9
Citrix Workspace
4.6
CVSSv2
CVE-2016-9111
Incorrect access control mechanisms in Citrix Receiver Desktop Lock 4.5 allow an malicious user to bypass the authentication requirement by leveraging physical access to a VDI for temporary disconnection of a LAN cable. NOTE: as of 20161208, the vendor could not reproduce the iss...
Citrix Receiver Desktop 4.5
1 EDB exploit
5.8
CVSSv2
CVE-2016-5433
Citrix iOS Receiver prior to 7.0 allows malicious users to cause TLS certificates to be incorrectly validated via unspecified vectors.
Citrix Ios Receiver
9.3
CVSSv2
CVE-2010-2990
Citrix Online Plug-in for Windows for XenApp & XenDesktop prior to 11.2, Citrix Online Plug-in for Mac for XenApp & XenDesktop prior to 11.0, Citrix ICA Client for Linux prior to 11.100, Citrix ICA Client for Solaris prior to 8.63, and Citrix Receiver for Windows Mobile p...
Citrix Receiver For Windows Mobile
Citrix Ica Client For Linux
Citrix Ica Client For Solaris
Citrix Online Plug-in For Windows For Xenapp \\& Xendesktop
Citrix Online Plug-in For Mac For Xenapp \\& Xendesktop
5.8
CVSSv2
CVE-2009-3936
Unspecified vulnerability in Citrix Online Plug-in for Windows 11.0.x prior to 11.0.150 and 11.x prior to 11.2, Online Plug-in for Mac prior to 11.0, Receiver for iPhone prior to 1.0.3, and ICA Java, Mac, UNIX, and Windows Clients for XenApp and XenDesktop allows remote malicious...
Citrix Online Plug-in For Mac
Citrix Receiver For Iphone
Citrix Online Plug-in For Windows 11.0
Citrix Online Plug-in For Windows 11.1
Citrix Online Plug-in For Windows
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started