Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xenapp vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2016-6493
Citrix XenApp 6.x prior to 6.5 HRP07 and 7.x prior to 7.9 and Citrix XenDesktop prior to 7.9 might allow malicious users to weaken an unspecified security mitigation via vectors related to memory permission.
Citrix Xenapp 7.8.0.0
Citrix Xenapp 7.7.0.0
Citrix Xenapp 7.6.0.0
Citrix Xenapp 7.5.0.0
Citrix Xenapp 7.0.0.0
Citrix Xenapp 6.5.0.0
Citrix Xenapp 6.0.0.0
Citrix Xenapp 7.1.0.0
Citrix Xendesktop
9
CVSSv2
CVE-2020-8283
An authorised user on a Windows host running Citrix Universal Print Server can perform arbitrary command execution as SYSTEM in CVAD versions prior to 2009, 1912 LTSR CU1 hotfixes CTX285870 and CTX286120, 7.15 LTSR CU6 hotfix CTX285344 and 7.6 LTSR CU9.
Citrix Virtual Apps And Desktops
Citrix Xenapp
Citrix Xenapp 7.6
Citrix Xenapp 7.15
Citrix Xendesktop
Citrix Xendesktop 7.6
Citrix Xendesktop 7.15
9
CVSSv2
CVE-2020-8269
An unprivileged Windows user on the VDA can perform arbitrary command execution as SYSTEM in CVAD versions prior to 2009, 1912 LTSR CU1 hotfixes CTX285870 and CTX286120, 7.15 LTSR CU6 hotfix CTX285344 and 7.6 LTSR CU9
Citrix Virtual Apps And Desktops
Citrix Xenapp
Citrix Xenapp 7.6
Citrix Xenapp 7.15
Citrix Xendesktop
Citrix Xendesktop 7.6
Citrix Xendesktop 7.15
4.3
CVSSv2
CVE-2020-13998
Citrix XenApp 6.5, when 2FA is enabled, allows a remote unauthenticated malicious user to ascertain whether a user exists on the server, because the 2FA error page only occurs after a valid username is entered. NOTE: This vulnerability only affects products that are no longer sup...
Citrix Xenapp 6.5.0.0
9.3
CVSSv2
CVE-2012-5161
The XML Service interface in Citrix XenApp 6.5 and 6.5 Feature Pack 1 allows remote malicious users to execute arbitrary code via unspecified vectors.
Citrix Xenapp 6.5.0.0
5
CVSSv2
CVE-2016-4810
Citrix Studio prior to 7.6.1000, Citrix XenDesktop 7.x prior to 7.6 LTSR Cumulative Update 1 (CU1), and Citrix XenApp 7.5 and 7.6 allow malicious users to set Access Policy rules on the XenDesktop Delivery Controller via unspecified vectors.
Citrix Xendesktop 7.6
Citrix Xendesktop 7.1
Citrix Xendesktop 7.0
Citrix Xenapp 7.5
Citrix Xenapp 7.6
Citrix Xendesktop 7.5
9.3
CVSSv2
CVE-2010-2991
The IICAClient interface in the ICAClient library in the ICA Client ActiveX Object (aka ICO) component in Citrix Online Plug-in for Windows for XenApp & XenDesktop prior to 12.0.3 allows remote malicious users to execute arbitrary code or cause a denial of service (memory cor...
Citrix Online Plug-in For Windows For Xenapp \\& Xendesktop 11.1
Citrix Online Plug-in For Windows For Xenapp \\& Xendesktop
6.8
CVSSv2
CVE-2008-4676
Unspecified vulnerability in Citrix XenApp (formerly Presentation Server) 4.5 Feature Pack 1 and previous versions, Presentation Server 4.0, and Access Essentials 1.0, 1.5, and 2.0 allows local users to gain privileges via unknown attack vectors related to creating an unspecified...
Citrix Access Essentials 1.0
Citrix Access Essentials 1.5
Citrix Xenapp 4.5
Citrix Access Essentials 2.0
Citrix Xenapp
Citrix Presentation Server 4.0
7.5
CVSSv2
CVE-2009-2453
Citrix XenApp (formerly Presentation Server) 4.5 Hotfix Rollup Pack 3 does not apply an access policy when it is defined with the Access Gateway Advanced Edition filters, which allows malicious users to bypass intended access restrictions via unknown vectors.
Citrix Presentation Server 4.5
Citrix Xenapp 4.5
9.3
CVSSv2
CVE-2010-2990
Citrix Online Plug-in for Windows for XenApp & XenDesktop prior to 11.2, Citrix Online Plug-in for Mac for XenApp & XenDesktop prior to 11.0, Citrix ICA Client for Linux prior to 11.100, Citrix ICA Client for Solaris prior to 8.63, and Citrix Receiver for Windows Mobile p...
Citrix Receiver For Windows Mobile
Citrix Ica Client For Linux
Citrix Ica Client For Solaris
Citrix Online Plug-in For Windows For Xenapp \\& Xendesktop
Citrix Online Plug-in For Mac For Xenapp \\& Xendesktop
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4040
cross-site scripting
CVE-2023-25790
CVE-2024-2961
XML external entity
CVE-2024-26926
CVE-2024-32806
CVE-2024-32711
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »