Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
citrix vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv2
CVE-2010-4255
The fixup_page_fault function in arch/x86/traps.c in Xen 4.0.1 and previous versions on 64-bit platforms, when paravirtualization is enabled, does not verify that kernel mode is used to call the handle_gdt_ldt_mapping_fault function, which allows guest OS users to cause a denial ...
Citrix Xen 3.4.0
Citrix Xen 3.4.3
Citrix Xen 3.2.0
Citrix Xen 3.3.0
Citrix Xen 4.0.0
Citrix Xen 3.0.4
Citrix Xen 3.3.2
Citrix Xen 3.0.3
Citrix Xen 3.1.3
Citrix Xen 3.0.2
Citrix Xen 3.1.2
Citrix Xen 3.4.1
Citrix Xen 3.2.2
Citrix Xen 3.1.4
Citrix Xen
Citrix Xen 3.2.3
Citrix Xen 3.4.2
Citrix Xen 3.3.1
Citrix Xen 3.2.1
2.7
CVSSv2
CVE-2010-3699
The backend driver in Xen 3.x allows guest OS users to cause a denial of service via a kernel thread leak, which prevents the device and guest OS from being shut down or create a zombie domain, causes a hang in zenwatch, or prevents unspecified xm commands from working properly, ...
Citrix Xen 3.4.0
Citrix Xen 3.4.3
Citrix Xen 3.2.0
Citrix Xen 3.3.0
Citrix Xen 3.0.4
Citrix Xen 3.3.2
Citrix Xen 3.0.3
Citrix Xen 3.1.3
Citrix Xen 3.0.2
Citrix Xen 3.4.1
Citrix Xen 3.2.2
Citrix Xen 3.1.4
Citrix Xen 3.2.3
Citrix Xen 3.4.2
Citrix Xen 3.3.1
Citrix Xen 3.2.1
5.5
CVSSv2
CVE-2010-4247
The do_block_io_op function in (1) drivers/xen/blkback/blkback.c and (2) drivers/xen/blktap/blktap.c in Xen prior to 3.4.0 for the Linux kernel 2.6.18, and possibly other versions, allows guest OS users to cause a denial of service (infinite loop and CPU consumption) via a large ...
Citrix Xen
Citrix Xen 3.0.2
Citrix Xen 3.0.3
Citrix Xen 3.0.4
Citrix Xen 3.1.3
Citrix Xen 3.1.4
Citrix Xen 3.2.0
Citrix Xen 3.2.1
Citrix Xen 3.2.2
Citrix Xen 3.2.3
Citrix Xen 3.3.0
Citrix Xen 3.3.1
7.5
CVSSv2
CVE-2016-6493
Citrix XenApp 6.x prior to 6.5 HRP07 and 7.x prior to 7.9 and Citrix XenDesktop prior to 7.9 might allow malicious users to weaken an unspecified security mitigation via vectors related to memory permission.
Citrix Xenapp 7.7.0.0
Citrix Xenapp 7.8.0.0
Citrix Xenapp 7.0.0.0
Citrix Xenapp 6.0.0.0
Citrix Xenapp 7.1.0.0
Citrix Xenapp 7.5.0.0
Citrix Xendesktop
Citrix Xenapp 6.5.0.0
Citrix Xenapp 7.6.0.0
9
CVSSv2
CVE-2020-8269
An unprivileged Windows user on the VDA can perform arbitrary command execution as SYSTEM in CVAD versions prior to 2009, 1912 LTSR CU1 hotfixes CTX285870 and CTX286120, 7.15 LTSR CU6 hotfix CTX285344 and 7.6 LTSR CU9
Citrix Xendesktop 7.6
Citrix Xendesktop 7.15
Citrix Xendesktop
Citrix Xenapp 7.6
Citrix Xenapp
Citrix Xenapp 7.15
Citrix Virtual Apps And Desktops
9
CVSSv2
CVE-2020-8283
An authorised user on a Windows host running Citrix Universal Print Server can perform arbitrary command execution as SYSTEM in CVAD versions prior to 2009, 1912 LTSR CU1 hotfixes CTX285870 and CTX286120, 7.15 LTSR CU6 hotfix CTX285344 and 7.6 LTSR CU9.
Citrix Xendesktop 7.6
Citrix Xendesktop 7.15
Citrix Xendesktop
Citrix Xenapp 7.6
Citrix Xenapp
Citrix Xenapp 7.15
Citrix Virtual Apps And Desktops
5
CVSSv2
CVE-2014-8495
Citrix XenMobile MDX Toolkit prior to 9.0.4, when used to wrap iOS 8 applications, does not properly encrypt cached application data, which allows context-dependent malicious users to obtain sensitive information by reading the cache.
Citrix Xenmobile 8.5
Citrix Xenmobile 8.7
Citrix Xenmobile
Citrix Xenmobile 9.0.2
Citrix Xenmobile 8.6
Citrix Xenmobile 9.0
5
CVSSv2
CVE-2016-4810
Citrix Studio prior to 7.6.1000, Citrix XenDesktop 7.x prior to 7.6 LTSR Cumulative Update 1 (CU1), and Citrix XenApp 7.5 and 7.6 allow malicious users to set Access Policy rules on the XenDesktop Delivery Controller via unspecified vectors.
Citrix Xenapp 7.5
Citrix Xendesktop 7.6
Citrix Xendesktop 7.1
Citrix Xendesktop 7.5
Citrix Xenapp 7.6
Citrix Xendesktop 7.0
9.3
CVSSv2
CVE-2010-4566
The web authentication form in the NT4 authentication component in Citrix Access Gateway Enterprise Edition 9.2-49.8 and previous versions, and the NTLM authentication component in Access Gateway Standard and Advanced Editions before Access Gateway 5.0, allows malicious users to ...
Citrix Access Gateway 8.0
Citrix Access Gateway .8.0
Citrix Access Gateway 8.1-69.4
Citrix Access Gateway 9.0.71.3
Citrix Access Gateway 9.1-104.5
Citrix Access Gateway
Citrix Access Gateway 4.5.7
Citrix Access Gateway 4.6.2
Citrix Access Gateway 4.5
Citrix Access Gateway 4.6.3
Citrix Access Gateway 4.5.5
Citrix Access Gateway 4.5.6
Citrix Access Gateway 4.6.1
2 EDB exploits
6.5
CVSSv2
CVE-2008-2300
Unspecified vulnerability in Citrix Presentation Server 4.5 and previous versions, Citrix Access Essentials 2.0 and previous versions, and Citrix Desktop Server 1.0 allows remote authenticated users to access unauthorized desktops via unknown attack vectors.
Citrix Metaframe Presentation Server 4.0
Citrix Access Essentials 1.0
Citrix Desktop Server 1.0
Citrix Citrix Presentation Server
Citrix Access Essentials 1.5
Citrix Access Essentials
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23692
CVE-2012-1823
memory leak
CVE-2024-0627
CVE-2024-31402
privilege escalation
CVE-2024-36418
remote code execution
CVE-2024-27844
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »