Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
citrix xenapp vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2016-6493
Citrix XenApp 6.x prior to 6.5 HRP07 and 7.x prior to 7.9 and Citrix XenDesktop prior to 7.9 might allow malicious users to weaken an unspecified security mitigation via vectors related to memory permission.
Citrix Xenapp 7.8.0.0
Citrix Xenapp 7.7.0.0
Citrix Xenapp 7.6.0.0
Citrix Xenapp 7.5.0.0
Citrix Xenapp 7.0.0.0
Citrix Xenapp 6.5.0.0
Citrix Xenapp 6.0.0.0
Citrix Xenapp 7.1.0.0
Citrix Xendesktop
8.8
CVSSv3
CVE-2020-8269
An unprivileged Windows user on the VDA can perform arbitrary command execution as SYSTEM in CVAD versions prior to 2009, 1912 LTSR CU1 hotfixes CTX285870 and CTX286120, 7.15 LTSR CU6 hotfix CTX285344 and 7.6 LTSR CU9
Citrix Virtual Apps And Desktops
Citrix Xenapp
Citrix Xenapp 7.6
Citrix Xenapp 7.15
Citrix Xendesktop
Citrix Xendesktop 7.6
Citrix Xendesktop 7.15
8.8
CVSSv3
CVE-2020-8283
An authorised user on a Windows host running Citrix Universal Print Server can perform arbitrary command execution as SYSTEM in CVAD versions prior to 2009, 1912 LTSR CU1 hotfixes CTX285870 and CTX286120, 7.15 LTSR CU6 hotfix CTX285344 and 7.6 LTSR CU9.
Citrix Virtual Apps And Desktops
Citrix Xenapp
Citrix Xenapp 7.6
Citrix Xenapp 7.15
Citrix Xendesktop
Citrix Xendesktop 7.6
Citrix Xendesktop 7.15
7.5
CVSSv3
CVE-2016-4810
Citrix Studio prior to 7.6.1000, Citrix XenDesktop 7.x prior to 7.6 LTSR Cumulative Update 1 (CU1), and Citrix XenApp 7.5 and 7.6 allow malicious users to set Access Policy rules on the XenDesktop Delivery Controller via unspecified vectors.
Citrix Xendesktop 7.6
Citrix Xendesktop 7.1
Citrix Xendesktop 7.0
Citrix Xenapp 7.5
Citrix Xenapp 7.6
Citrix Xendesktop 7.5
NA
CVE-2008-4676
Unspecified vulnerability in Citrix XenApp (formerly Presentation Server) 4.5 Feature Pack 1 and previous versions, Presentation Server 4.0, and Access Essentials 1.0, 1.5, and 2.0 allows local users to gain privileges via unknown attack vectors related to creating an unspecified...
Citrix Access Essentials 1.0
Citrix Access Essentials 1.5
Citrix Xenapp 4.5
Citrix Access Essentials 2.0
Citrix Xenapp
Citrix Presentation Server 4.0
NA
CVE-2012-5161
The XML Service interface in Citrix XenApp 6.5 and 6.5 Feature Pack 1 allows remote malicious users to execute arbitrary code via unspecified vectors.
Citrix Xenapp 6.5.0.0
5.3
CVSSv3
CVE-2020-13998
Citrix XenApp 6.5, when 2FA is enabled, allows a remote unauthenticated malicious user to ascertain whether a user exists on the server, because the 2FA error page only occurs after a valid username is entered. NOTE: This vulnerability only affects products that are no longer sup...
Citrix Xenapp 6.5.0.0
NA
CVE-2009-2453
Citrix XenApp (formerly Presentation Server) 4.5 Hotfix Rollup Pack 3 does not apply an access policy when it is defined with the Access Gateway Advanced Edition filters, which allows malicious users to bypass intended access restrictions via unknown vectors.
Citrix Presentation Server 4.5
Citrix Xenapp 4.5
NA
CVE-2010-2991
The IICAClient interface in the ICAClient library in the ICA Client ActiveX Object (aka ICO) component in Citrix Online Plug-in for Windows for XenApp & XenDesktop prior to 12.0.3 allows remote malicious users to execute arbitrary code or cause a denial of service (memory cor...
Citrix Online Plug-in For Windows For Xenapp \\& Xendesktop 11.1
Citrix Online Plug-in For Windows For Xenapp \\& Xendesktop
NA
CVE-2010-2990
Citrix Online Plug-in for Windows for XenApp & XenDesktop prior to 11.2, Citrix Online Plug-in for Mac for XenApp & XenDesktop prior to 11.0, Citrix ICA Client for Linux prior to 11.100, Citrix ICA Client for Solaris prior to 8.63, and Citrix Receiver for Windows Mobile p...
Citrix Receiver For Windows Mobile
Citrix Ica Client For Linux
Citrix Ica Client For Solaris
Citrix Online Plug-in For Windows For Xenapp \\& Xendesktop
Citrix Online Plug-in For Mac For Xenapp \\& Xendesktop
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »