Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
citrix vulnerabilities and exploits
(subscribe to this query)
2.1
CVSSv2
CVE-2014-2690
Citrix VDI-in-a-Box 5.3.x prior to 5.3.6 and 5.4.x prior to 5.4.3 allows local users to obtain administrator credentials by reading the log.
Citrix Vdi-in-a-box 5.3.0
Citrix Vdi-in-a-box 5.3.4
Citrix Vdi-in-a-box 5.4.0
Citrix Vdi-in-a-box 5.3.5
Citrix Vdi-in-a-box 5.4.2
Citrix Vdi-in-a-box 5.3.1
Citrix Vdi-in-a-box 5.3.2
Citrix Vdi-in-a-box 5.3.3
Citrix Vdi-in-a-box 5.4.1
6.9
CVSSv2
CVE-2018-19962
An issue exists in Xen up to and including 4.11.x on AMD x86 platforms, possibly allowing guest OS users to gain host OS privileges because small IOMMU mappings are unsafely combined into larger ones.
Xen Xen
Debian Debian Linux 9.0
Citrix Xenserver 7.0
Citrix Xenserver 7.5
Citrix Xenserver 7.6
Citrix Xenserver 7.1
6.9
CVSSv2
CVE-2018-19961
An issue exists in Xen up to and including 4.11.x on AMD x86 platforms, possibly allowing guest OS users to gain host OS privileges because TLB flushes do not always occur after IOMMU mapping changes.
Xen Xen
Debian Debian Linux 9.0
Citrix Xenserver 7.0
Citrix Xenserver 7.5
Citrix Xenserver 7.6
Citrix Xenserver 7.1
4.7
CVSSv2
CVE-2018-19965
An issue exists in Xen up to and including 4.11.x allowing 64-bit PV guest OS users to cause a denial of service (host OS crash) because #GP[0] can occur after a non-canonical address is passed to the TLB flushing code. NOTE: this issue exists because of an incorrect CVE-2017-575...
Xen Xen
Citrix Xenserver 7.0
Citrix Xenserver 7.5
Citrix Xenserver 7.6
Citrix Xenserver 7.1
Debian Debian Linux 9.0
2 Github repositories
4.3
CVSSv2
CVE-2014-1899
Cross-site scripting (XSS) vulnerability in Citrix NetScaler Gateway (formerly Citrix Access Gateway Enterprise Edition) 9.x prior to 9.3.66.5 and 10.x prior to 10.1.123.9 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Citrix Netscaler Access Gateway Firmware 9.3
Citrix Netscaler Access Gateway Firmware 9.3.61.5
Citrix Netscaler Access Gateway Firmware 9.3.62.4
Citrix Netscaler Access Gateway Firmware 10.0
Citrix Netscaler Access Gateway Firmware 10.0.74.4
Citrix Netscaler Access Gateway Firmware 10.1
Citrix Netscaler Access Gateway -
6.8
CVSSv2
CVE-2007-4016
Unspecified vulnerability in the client components in Citrix Access Gateway Standard Edition prior to 4.5.5 and Advanced Edition prior to 4.5 HF1 allows malicious users to execute arbitrary code via unspecified vectors.
Citrix Access Gateway
Citrix Access Gateway 4.2
Citrix Access Gateway 4.0
10
CVSSv2
CVE-2008-2528
Unspecified vulnerability in Citrix Access Gateway Standard Edition 4.5.7 and previous versions and Advanced Edition 4.5 HF2 and previous versions allows malicious users to bypass authentication and gain "access to network resources" via unspecified vectors.
Citrix Access Gateway
Citrix Access Gateway 4.5.5
Citrix Access Gateway 4.5.6
7.5
CVSSv2
CVE-2013-2601
The NDVM in Citrix XenClient XT prior to 2.1.3 and 3.x prior to 3.1.4 allows remote malicious users to execute arbitrary commands by using the UIVM to create a network connection.
Citrix Xenclient Xt 3.1.3
Citrix Xenclient Xt
Citrix Xenclient Xt 3.0.0
7.5
CVSSv2
CVE-2006-5821
Heap-based buffer overflow in the IMA_SECURE_DecryptData1 function in ImaSystem.dll for Citrix MetaFrame XP 1.0 and 2.0, and Presentation Server 3.0 and 4.0, allows remote malicious users to execute arbitrary code via requests to the Independent Management Architecture (IMA) serv...
Citrix Metaframe Presentation Server 4.0
Citrix Metaframe 1.0
Citrix Metaframe 3.0
10
CVSSv2
CVE-2014-2881
Unspecified vulnerability in the Diffie-Hellman key agreement implementation in the management GUI Java applet in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway prior to 9.3-66.5 and 10.x prior to 10.1-122.17 has unknown impact and vectors.
Citrix Netscaler Access Gateway Firmware 9.3
Citrix Netscaler Application Delivery Controller Firmware 10.1
Citrix Netscaler Application Delivery Controller -
Citrix Netscaler Access Gateway Firmware
Citrix Netscaler Application Delivery Controller Firmware
Citrix Netscaler Access Gateway -
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27802
template injection
CVE-2024-0044
code injection
CVE-2024-35474
CVE-2024-27857
CVE-2024-23251
CVE-2024-23692
physical
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
6
7
8
9
10
NEXT »