Filtered by vendor Citrix
Subscribe
Total
450 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-0504 | 1 Citrix | 1 Nfuse | 2025-04-03 | 7.5 HIGH | N/A |
|
Cross-site scripting vulnerability in Citrix NFuse 1.6 and earlier does not quote results from the getLastError method, which allows remote attackers to execute script in other clients via the NFuse_Application parameter to (1) launch.jsp or (2) launch.asp.
|
|||||
| CVE-2002-0503 | 1 Citrix | 1 Nfuse | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Directory traversal vulnerability in boilerplate.asp for Citrix NFuse 1.5 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the NFuse_Template parameter.
|
|||||
| CVE-2001-0716 | 1 Citrix | 1 Metaframe | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Citrix MetaFrame 1.8 Server with Service Pack 3, and XP Server Service Pack 1 and earlier, allows remote attackers to cause a denial of service (crash) via a large number of incomplete connections to the server.
|
|||||
| CVE-2005-3652 | 1 Citrix | 1 Ica Program Neighborhood Client | 2025-04-03 | 7.5 HIGH | N/A |
|
Heap-based buffer overflow in Citrix Program Neighborhood client 9.0 and earlier allows remote attackers to execute arbitrary code via a long name value in an Application Set response.
|
|||||
| CVE-2005-3134 | 1 Citrix | 1 Metaframe | 2025-04-03 | 7.5 HIGH | N/A |
|
Citrix Metaframe Presentation Server 3.0 and 4.0 allows remote attackers to bypass policy restrictions by downloading the launch.ica file and changing the client device name (ClientName).
|
|||||
| CVE-2006-4846 | 1 Citrix | 1 Access Gateway | 2025-04-03 | 5.1 MEDIUM | N/A |
|
Unspecified vulnerability in Citrix Access Gateway with Advanced Access Control (AAC) 4.2 before 20060914, when AAC is configured to use LDAP authentication, allows remote attackers to bypass authentication via unknown vectors.
|
|||||
| CVE-2004-1902 | 1 Citrix | 1 Metaframe Password Manager | 2025-04-03 | 2.1 LOW | N/A |
|
The Citrix MetaFrame Password Manager 2.0, when a central credential store is not configured, does not encrypt passwords entered immediately after executing the First Time User Wizards, which allows local users to gain sensitive information.
|
|||||
| CVE-2022-27507 | 1 Citrix | 2 Application Delivery Controller, Gateway | 2025-04-01 | N/A | 6.5 MEDIUM |
|
Authenticated denial of service
|
|||||
| CVE-2022-27508 | 1 Citrix | 2 Application Delivery Controller, Gateway | 2025-04-01 | N/A | 7.5 HIGH |
|
Unauthenticated denial of service
|
|||||
| CVE-2024-6148 | 1 Citrix | 1 Workspace | 2025-03-25 | N/A | 8.8 HIGH |
|
Bypass of GACS Policy Configuration settings in Citrix Workspace app for HTML5
|
|||||
| CVE-2023-24485 | 1 Citrix | 1 Workspace | 2025-03-19 | N/A | 7.8 HIGH |
|
Vulnerabilities have been identified that, collectively, allow a standard Windows user to perform operations as SYSTEM on the computer running Citrix Workspace app.
|
|||||
| CVE-2023-24484 | 1 Citrix | 1 Workspace | 2025-03-18 | N/A | 5.5 MEDIUM |
|
A malicious user can cause log files to be written to a directory that they do not have permission to write to.
|
|||||
| CVE-2023-24483 | 2 Citrix, Microsoft | 2 Virtual Apps And Desktops, Windows | 2025-03-18 | N/A | 7.8 HIGH |
|
A vulnerability has been identified that, if exploited, could result in a local user elevating their privilege level to NT AUTHORITY\SYSTEM on a Citrix Virtual Apps and Desktops Windows VDA.
|
|||||
| CVE-2024-3661 | 9 Apple, Cisco, Citrix and 6 more | 12 Iphone Os, Macos, Anyconnect Vpn Client and 9 more | 2025-01-15 | N/A | 7.6 HIGH |
|
DHCP can add routes to a client’s routing table via the classless static route option (121). VPN-based security solutions that rely on routes to redirect traffic can be forced to leak traffic over the physical interface. An attacker on the same local network can read, disrupt, or possibly modify network traffic that was expected to be protected by the VPN.
|
|||||
| CVE-2024-5661 | 1 Citrix | 2 Hypervisor, Xenserver | 2024-11-21 | N/A | 6.0 MEDIUM |
|
An issue has been identified in both XenServer 8 and Citrix Hypervisor 8.2 CU1 LTSR which may allow a malicious administrator of a guest VM to cause the host to become slow and/or unresponsive.
|
|||||
| CVE-2024-0093 | 5 Canonical, Citrix, Nvidia and 2 more | 6 Ubuntu Linux, Hypervisor, Cloud Gaming and 3 more | 2024-11-21 | N/A | 6.5 MEDIUM |
|
NVIDIA GPU software for Linux contains a vulnerability where it can expose sensitive information to an actor that is not explicitly authorized to have access to that information. A successful exploit of this vulnerability might lead to information disclosure.
|
|||||
| CVE-2024-0092 | 6 Canonical, Citrix, Microsoft and 3 more | 14 Ubuntu Linux, Hypervisor, Azure Stack Hci and 11 more | 2024-11-21 | N/A | 5.5 MEDIUM |
|
NVIDIA GPU Driver for Windows and Linux contains a vulnerability where an improper check or improper handling of exception conditions might lead to denial of service.
|
|||||
| CVE-2024-0091 | 7 Canonical, Citrix, Linux and 4 more | 16 Ubuntu Linux, Hypervisor, Linux Kernel and 13 more | 2024-11-21 | N/A | 7.8 HIGH |
|
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability where a user can cause an untrusted pointer dereference by executing a driver API. A successful exploit of this vulnerability might lead to denial of service, information disclosure, and data tampering.
|
|||||
| CVE-2024-0090 | 7 Canonical, Citrix, Linux and 4 more | 16 Ubuntu Linux, Hypervisor, Linux Kernel and 13 more | 2024-11-21 | N/A | 7.8 HIGH |
|
NVIDIA GPU driver for Windows and Linux contains a vulnerability where a user can cause an out-of-bounds write. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.
|
|||||
| CVE-2024-0086 | 5 Canonical, Citrix, Nvidia and 2 more | 6 Ubuntu Linux, Hypervisor, Cloud Gaming and 3 more | 2024-11-21 | N/A | 5.5 MEDIUM |
|
NVIDIA vGPU software for Linux contains a vulnerability where the software can dereference a NULL pointer. A successful exploit of this vulnerability might lead to denial of service and undefined behavior in the vGPU plugin.
|
|||||
| CVE-2024-0085 | 6 Canonical, Citrix, Microsoft and 3 more | 7 Ubuntu Linux, Hypervisor, Azure Stack Hci and 4 more | 2024-11-21 | N/A | 6.3 MEDIUM |
|
NVIDIA vGPU software for Windows and Linux contains a vulnerability where unprivileged users could execute privileged operations on the host. A successful exploit of this vulnerability might lead to data tampering, escalation of privileges, and denial of service.
|
|||||
| CVE-2024-0084 | 5 Canonical, Citrix, Nvidia and 2 more | 6 Ubuntu Linux, Hypervisor, Cloud Gaming and 3 more | 2024-11-21 | N/A | 7.8 HIGH |
|
NVIDIA vGPU software for Linux contains a vulnerability in the Virtual GPU Manager, where the guest OS could execute privileged operations. A successful exploit of this vulnerability might lead to information disclosure, data tampering, escalation of privileges, and denial of service.
|
|||||
| CVE-2023-6184 | 1 Citrix | 1 Virtual Apps And Desktops | 2024-11-21 | N/A | 5.0 MEDIUM |
|
Cross SiteScripting vulnerability in Citrix Session Recording allows attacker to perform Cross Site Scripting
|
|||||
| CVE-2023-4967 | 1 Citrix | 2 Netscaler Application Delivery Controller, Netscaler Gateway | 2024-11-21 | N/A | 8.2 HIGH |
|
Denial of Service in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA Virtual Server
|
|||||
| CVE-2023-3467 | 1 Citrix | 2 Netscaler Application Delivery Controller, Netscaler Gateway | 2024-11-21 | N/A | 8.0 HIGH |
|
Privilege Escalation to root administrator (nsroot)
|
|||||
| CVE-2023-3466 | 1 Citrix | 2 Netscaler Application Delivery Controller, Netscaler Gateway | 2024-11-21 | N/A | 8.3 HIGH |
|
Reflected Cross-Site Scripting (XSS)
|
|||||
| CVE-2023-31026 | 6 Canonical, Citrix, Linux-kvm and 3 more | 6 Ubuntu Linux, Hypervisor, Kernel Virtual Machine and 3 more | 2024-11-21 | N/A | 6.0 MEDIUM |
|
NVIDIA vGPU software for Windows and Linux contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where a NULL-pointer dereference may lead to denial of service.
|
|||||
| CVE-2023-31022 | 8 Canonical, Citrix, Linux and 5 more | 9 Ubuntu Linux, Hypervisor, Linux Kernel and 6 more | 2024-11-21 | N/A | 5.5 MEDIUM |
|
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where a NULL-pointer dereference may lead to denial of service.
|
|||||
| CVE-2023-31021 | 7 Canonical, Citrix, Linux-kvm and 4 more | 7 Ubuntu Linux, Hypervisor, Kernel Virtual Machine and 4 more | 2024-11-21 | N/A | 5.5 MEDIUM |
|
NVIDIA vGPU software for Windows and Linux contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where a malicious user in the guest VM can cause a NULL-pointer dereference, which may lead to denial of service.
|
|||||
| CVE-2023-31018 | 8 Canonical, Citrix, Linux and 5 more | 9 Ubuntu Linux, Hypervisor, Linux Kernel and 6 more | 2024-11-21 | N/A | 6.5 MEDIUM |
|
NVIDIA GPU Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where an unprivileged regular user can cause a NULL-pointer dereference, which may lead to denial of service.
|
|||||
| CVE-2023-25517 | 4 Citrix, Nvidia, Redhat and 1 more | 4 Hypervisor, Gpu Display Driver, Enterprise Linux Kernel-based Virtual Machine and 1 more | 2024-11-21 | N/A | 7.1 HIGH |
|
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where a guest OS may be able to control resources for which it is not authorized, which may lead to information disclosure and data tampering.
|
|||||
| CVE-2023-24492 | 2 Canonical, Citrix | 2 Ubuntu Linux, Secure Access Client | 2024-11-21 | N/A | 9.6 CRITICAL |
|
A vulnerability has been discovered in the Citrix Secure Access client for Ubuntu which, if exploited, could allow an attacker to remotely execute code if a victim user opens an attacker-crafted link and accepts further prompts.
|
|||||
| CVE-2023-24491 | 2 Citrix, Microsoft | 2 Secure Access Client, Windows | 2024-11-21 | N/A | 7.8 HIGH |
|
A vulnerability has been discovered in the Citrix Secure Access client for Windows
which, if exploited, could allow an attacker with access to an endpoint with Standard User Account that has the vulnerable client installed to escalate their local privileges to that of NT AUTHORITY\SYSTEM.
|
|||||
| CVE-2023-24490 | 1 Citrix | 2 Linux Virtual Delivery Agent, Virtual Apps And Desktops | 2024-11-21 | N/A | 6.3 MEDIUM |
|
Users with only access to launch VDA applications can launch an unauthorized desktop
|
|||||
| CVE-2023-24488 | 1 Citrix | 2 Application Delivery Controller, Gateway | 2024-11-21 | N/A | 6.1 MEDIUM |
|
Cross site scripting vulnerability in Citrix ADC and Citrix Gateway in allows and attacker to perform cross site scripting
|
|||||
| CVE-2023-24487 | 1 Citrix | 2 Application Delivery Controller, Gateway | 2024-11-21 | N/A | 6.3 MEDIUM |
|
Arbitrary file read in Citrix ADC and Citrix Gateway
|
|||||
| CVE-2023-24486 | 1 Citrix | 1 Workspace | 2024-11-21 | N/A | 5.5 MEDIUM |
|
A vulnerability has been identified in Citrix Workspace app for Linux that, if exploited, may result in a malicious local user being able to gain access to the Citrix Virtual Apps and Desktops session of another user who is using the same computer from which the ICA session is launched.
|
|||||
| CVE-2023-0198 | 5 Citrix, Linux, Nvidia and 2 more | 5 Hypervisor, Linux Kernel, Virtual Gpu and 2 more | 2024-11-21 | N/A | 6.6 MEDIUM |
|
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where improper restriction of operations within the bounds of a memory buffer can lead to denial of service, information disclosure, and data tampering.
|
|||||
| CVE-2023-0197 | 4 Citrix, Nvidia, Redhat and 1 more | 4 Hypervisor, Virtual Gpu, Enterprise Linux Kernel-based Virtual Machine and 1 more | 2024-11-21 | N/A | 5.5 MEDIUM |
|
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where a malicious user in a guest VM can cause a NULL-pointer dereference, which may lead to denial of service.
|
|||||
| CVE-2023-0192 | 4 Citrix, Nvidia, Redhat and 1 more | 4 Hypervisor, Virtual Gpu, Enterprise Linux Kernel-based Virtual Machine and 1 more | 2024-11-21 | N/A | 4.7 MEDIUM |
|
NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer handler, where improper privilege management can lead to escalation of privileges and information disclosure.
|
|||||