Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
citrix xenapp vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2016-6493
Citrix XenApp 6.x prior to 6.5 HRP07 and 7.x prior to 7.9 and Citrix XenDesktop prior to 7.9 might allow malicious users to weaken an unspecified security mitigation via vectors related to memory permission.
Citrix Xenapp 7.8.0.0
Citrix Xenapp 7.7.0.0
Citrix Xenapp 7.6.0.0
Citrix Xenapp 7.5.0.0
Citrix Xenapp 7.0.0.0
Citrix Xenapp 6.5.0.0
Citrix Xenapp 6.0.0.0
Citrix Xenapp 7.1.0.0
Citrix Xendesktop
8.8
CVSSv3
CVE-2020-8283
An authorised user on a Windows host running Citrix Universal Print Server can perform arbitrary command execution as SYSTEM in CVAD versions prior to 2009, 1912 LTSR CU1 hotfixes CTX285870 and CTX286120, 7.15 LTSR CU6 hotfix CTX285344 and 7.6 LTSR CU9.
Citrix Virtual Apps And Desktops
Citrix Xenapp
Citrix Xenapp 7.6
Citrix Xenapp 7.15
Citrix Xendesktop
Citrix Xendesktop 7.6
Citrix Xendesktop 7.15
8.8
CVSSv3
CVE-2020-8269
An unprivileged Windows user on the VDA can perform arbitrary command execution as SYSTEM in CVAD versions prior to 2009, 1912 LTSR CU1 hotfixes CTX285870 and CTX286120, 7.15 LTSR CU6 hotfix CTX285344 and 7.6 LTSR CU9
Citrix Virtual Apps And Desktops
Citrix Xenapp
Citrix Xenapp 7.6
Citrix Xenapp 7.15
Citrix Xendesktop
Citrix Xendesktop 7.6
Citrix Xendesktop 7.15
7.8
CVSSv3
CVE-2021-22928
A vulnerability has been identified in Citrix Virtual Apps and Desktops that could, if exploited, allow a user of a Windows VDA that has either Citrix Profile Management or Citrix Profile Management WMI Plugin installed to escalate their privilege level on that Windows VDA to SYS...
Citrix Xendesktop 7.15
Citrix Xenapp 7.15
Citrix Virtual Apps And Desktops
Citrix Virtual Apps And Desktops 1912
7.8
CVSSv3
CVE-2012-4603
Citrix XenApp Online Plug-in for Windows 12.1 and previous versions, and Citrix Receiver for Windows 3.2 and previous versions could allow remote malicious users to execute arbitrary code by convincing a target to open a specially crafted file from an SMB or WebDAV fileserver.
Citrix Receiver
Citrix Xenapp Online
7.5
CVSSv3
CVE-2016-4810
Citrix Studio prior to 7.6.1000, Citrix XenDesktop 7.x prior to 7.6 LTSR Cumulative Update 1 (CU1), and Citrix XenApp 7.5 and 7.6 allow malicious users to set Access Policy rules on the XenDesktop Delivery Controller via unspecified vectors.
Citrix Xendesktop 7.6
Citrix Xendesktop 7.1
Citrix Xendesktop 7.0
Citrix Xenapp 7.5
Citrix Xenapp 7.6
Citrix Xendesktop 7.5
5.3
CVSSv3
CVE-2020-13998
Citrix XenApp 6.5, when 2FA is enabled, allows a remote unauthenticated malicious user to ascertain whether a user exists on the server, because the 2FA error page only occurs after a valid username is entered. NOTE: This vulnerability only affects products that are no longer sup...
Citrix Xenapp 6.5.0.0
NA
CVE-2012-5161
The XML Service interface in Citrix XenApp 6.5 and 6.5 Feature Pack 1 allows remote malicious users to execute arbitrary code via unspecified vectors.
Citrix Xenapp 6.5.0.0
NA
CVE-2010-2990
Citrix Online Plug-in for Windows for XenApp & XenDesktop prior to 11.2, Citrix Online Plug-in for Mac for XenApp & XenDesktop prior to 11.0, Citrix ICA Client for Linux prior to 11.100, Citrix ICA Client for Solaris prior to 8.63, and Citrix Receiver for Windows Mobile p...
Citrix Receiver For Windows Mobile
Citrix Ica Client For Linux
Citrix Ica Client For Solaris
Citrix Online Plug-in For Windows For Xenapp \\& Xendesktop
Citrix Online Plug-in For Mac For Xenapp \\& Xendesktop
NA
CVE-2010-2991
The IICAClient interface in the ICAClient library in the ICA Client ActiveX Object (aka ICO) component in Citrix Online Plug-in for Windows for XenApp & XenDesktop prior to 12.0.3 allows remote malicious users to execute arbitrary code or cause a denial of service (memory cor...
Citrix Online Plug-in For Windows For Xenapp \\& Xendesktop 11.1
Citrix Online Plug-in For Windows For Xenapp \\& Xendesktop
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »