citrix vulnerabilities and exploits
NA
CVE-2024-5027
Citrix Workspace app for Mac Security Bulletin for CVE-2024-5027: A vulnerability has been discovered in Citrix Workspace app for Mac, which, if exploited, may result in elevation of privilege from a local authenticated user to a root user. The following supported versions of Cit...
NA
CVE-2024-3902
A vulnerability has been discovered in Citrix uberAgent, which, if exploited, may result in the escalation of privileges of the attacker. This vulnerability only impacts uberAgent and does not impact any other Citrix and or Cloud Software Group products. The following supported v...
5.9
CVSSv3
CVE-2024-31497
In PuTTY 0.68 up to and including 0.80 prior to 0.81, biased ECDSA nonce generation allows a malicious user to recover a user's NIST P-521 secret key via a quick attack in approximately 60 signatures. This is especially important in a scenario where an adversary is able to ...
Putty Putty
Filezilla-project Filezilla Client
Winscp Winscp
Tortoisegit Tortoisegit
Tigris Tortoisesvn
Fedoraproject Fedora 38
Fedoraproject Fedora 39
Fedoraproject Fedora 40
4 Github repositories
2 Articles
NA
CVE-2024-2049
Server-Side Request Forgery (SSRF) in Citrix SD-WAN Standard/Premium Editions on or after 11.4.0 and prior to 11.4.4.46 allows a malicious user to disclose limited information from the appliance via access to the management IP.
7.2
CVSSv3
CVE-2023-6184
Cross-Site Scripting vulnerability in Citrix Session Recording allows a malicious user to perform Cross-Site Scripting
Citrix Virtual Apps And Desktops 1912
Citrix Virtual Apps And Desktops 2203
Citrix Virtual Apps And Desktops
6.1
CVSSv3
CVE-2023-5914
Cross-site scripting (XSS)
Cloud Citrix Storefront 1912
Cloud Citrix Storefront
7.5
CVSSv3
CVE-2023-6549
Improper Restriction of Operations within the Bounds of a Memory Buffer in NetScaler ADC and NetScaler Gateway allows Unauthenticated Denial of Service and Out-Of-Bounds Memory Read
Citrix Netscaler Gateway
Citrix Netscaler Application Delivery Controller
2 Articles
8.8
CVSSv3
CVE-2023-6548
Improper Control of Generation of Code ('Code Injection') in NetScaler ADC and NetScaler Gateway allows an attacker with access to NSIP, CLIP or SNIP with management interface to perform Authenticated (low privileged) remote code execution on Management Interface.
Citrix Netscaler Gateway
Citrix Netscaler Application Delivery Controller
1 Github repository
2 Articles
7.8
CVSSv3
CVE-2023-34326
The caching invalidation guidelines from the AMD-Vi specification (48882—Rev 3.07-PUB—Oct 2022) are incorrect on some hardware, as devices will malfunction (see stale DMA mappings) if some fields of the DTE are updated but the IOMMU TLB is not flushed. Such stale DMA m...
Xen Xen
5.5
CVSSv3
CVE-2023-34327
[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] AMD CPUs since ~2014 have extensions to normal x86 debugging functionality. Xen supports guests using these extensions. Unfortunately there are errors...
Xen Xen