Filtered by vendor Citrix
Subscriptions
Total
424 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2017-6316 | 1 Citrix | 1 Netscaler Sd-wan | 2025-02-04 | 9.8 Critical |
Citrix NetScaler SD-WAN devices through v9.1.2.26.561201 allow remote attackers to execute arbitrary shell commands as root via a CGISESSID cookie. On CloudBridge (the former name of NetScaler SD-WAN) devices, the cookie name was CAKEPHP rather than CGISESSID. | ||||
CVE-2019-19781 | 1 Citrix | 6 Application Delivery Controller, Application Delivery Controller Firmware, Gateway and 3 more | 2025-02-04 | 9.8 Critical |
An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0. They allow Directory Traversal. | ||||
CVE-2019-13608 | 1 Citrix | 1 Storefront Server | 2025-02-04 | 7.5 High |
Citrix StoreFront Server before 1903, 7.15 LTSR before CU4 (3.12.4000), and 7.6 LTSR before CU8 (3.0.8000) allows XXE attacks. | ||||
CVE-2021-22941 | 1 Citrix | 1 Sharefile Storagezones Controller | 2025-02-04 | 9.8 Critical |
Improper Access Control in Citrix ShareFile storage zones controller before 5.11.20 may allow an unauthenticated attacker to remotely compromise the storage zones controller. | ||||
CVE-2023-6549 | 1 Citrix | 2 Netscaler Application Delivery Controller, Netscaler Gateway | 2025-02-03 | 8.2 High |
Improper Restriction of Operations within the Bounds of a Memory Buffer in NetScaler ADC and NetScaler Gateway allows Unauthenticated Denial of Service and Out-Of-Bounds Memory Read | ||||
CVE-2023-24489 | 1 Citrix | 1 Sharefile Storage Zones Controller | 2025-01-27 | 9.8 Critical |
A vulnerability has been discovered in the customer-managed ShareFile storage zones controller which, if exploited, could allow an unauthenticated attacker to remotely compromise the customer-managed ShareFile storage zones controller. | ||||
CVE-2023-6548 | 1 Citrix | 2 Netscaler Application Delivery Controller, Netscaler Gateway | 2025-01-27 | 5.5 Medium |
Improper Control of Generation of Code ('Code Injection') in NetScaler ADC and NetScaler Gateway allows an attacker with access to NSIP, CLIP or SNIP with management interface to perform Authenticated (low privileged) remote code execution on Management Interface. | ||||
CVE-2024-3661 | 10 Apple, Cisco, Citrix and 7 more | 13 Iphone Os, Macos, Anyconnect Vpn Client and 10 more | 2025-01-15 | 7.6 High |
DHCP can add routes to a client’s routing table via the classless static route option (121). VPN-based security solutions that rely on routes to redirect traffic can be forced to leak traffic over the physical interface. An attacker on the same local network can read, disrupt, or possibly modify network traffic that was expected to be protected by the VPN. | ||||
CVE-2023-25517 | 4 Citrix, Nvidia, Redhat and 1 more | 4 Hypervisor, Gpu Display Driver, Enterprise Linux Kernel-based Virtual Machine and 1 more | 2024-12-04 | 7.1 High |
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where a guest OS may be able to control resources for which it is not authorized, which may lead to information disclosure and data tampering. | ||||
CVE-2024-6148 | 1 Citrix | 1 Workspace | 2024-11-21 | 8.8 High |
Bypass of GACS Policy Configuration settings in Citrix Workspace app for HTML5 | ||||
CVE-2024-5661 | 1 Citrix | 2 Hypervisor, Xenserver | 2024-11-21 | 6 Medium |
An issue has been identified in both XenServer 8 and Citrix Hypervisor 8.2 CU1 LTSR which may allow a malicious administrator of a guest VM to cause the host to become slow and/or unresponsive. | ||||
CVE-2024-0093 | 5 Canonical, Citrix, Nvidia and 2 more | 6 Ubuntu Linux, Hypervisor, Cloud Gaming and 3 more | 2024-11-21 | 6.5 Medium |
NVIDIA GPU software for Linux contains a vulnerability where it can expose sensitive information to an actor that is not explicitly authorized to have access to that information. A successful exploit of this vulnerability might lead to information disclosure. | ||||
CVE-2024-0092 | 6 Canonical, Citrix, Microsoft and 3 more | 14 Ubuntu Linux, Hypervisor, Azure Stack Hci and 11 more | 2024-11-21 | 5.5 Medium |
NVIDIA GPU Driver for Windows and Linux contains a vulnerability where an improper check or improper handling of exception conditions might lead to denial of service. | ||||
CVE-2024-0091 | 7 Canonical, Citrix, Linux and 4 more | 16 Ubuntu Linux, Hypervisor, Linux Kernel and 13 more | 2024-11-21 | 7.8 High |
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability where a user can cause an untrusted pointer dereference by executing a driver API. A successful exploit of this vulnerability might lead to denial of service, information disclosure, and data tampering. | ||||
CVE-2024-0090 | 7 Canonical, Citrix, Linux and 4 more | 16 Ubuntu Linux, Hypervisor, Linux Kernel and 13 more | 2024-11-21 | 7.8 High |
NVIDIA GPU driver for Windows and Linux contains a vulnerability where a user can cause an out-of-bounds write. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. | ||||
CVE-2024-0086 | 5 Canonical, Citrix, Nvidia and 2 more | 6 Ubuntu Linux, Hypervisor, Cloud Gaming and 3 more | 2024-11-21 | 5.5 Medium |
NVIDIA vGPU software for Linux contains a vulnerability where the software can dereference a NULL pointer. A successful exploit of this vulnerability might lead to denial of service and undefined behavior in the vGPU plugin. | ||||
CVE-2024-0085 | 6 Canonical, Citrix, Microsoft and 3 more | 7 Ubuntu Linux, Hypervisor, Azure Stack Hci and 4 more | 2024-11-21 | 6.3 Medium |
NVIDIA vGPU software for Windows and Linux contains a vulnerability where unprivileged users could execute privileged operations on the host. A successful exploit of this vulnerability might lead to data tampering, escalation of privileges, and denial of service. | ||||
CVE-2024-0084 | 5 Canonical, Citrix, Nvidia and 2 more | 6 Ubuntu Linux, Hypervisor, Cloud Gaming and 3 more | 2024-11-21 | 7.8 High |
NVIDIA vGPU software for Linux contains a vulnerability in the Virtual GPU Manager, where the guest OS could execute privileged operations. A successful exploit of this vulnerability might lead to information disclosure, data tampering, escalation of privileges, and denial of service. | ||||
CVE-2023-6184 | 1 Citrix | 1 Virtual Apps And Desktops | 2024-11-21 | 5 Medium |
Cross SiteScripting vulnerability in Citrix Session Recording allows attacker to perform Cross Site Scripting | ||||
CVE-2023-4967 | 1 Citrix | 2 Netscaler Application Delivery Controller, Netscaler Gateway | 2024-11-21 | 8.2 High |
Denial of Service in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA Virtual Server |