Filtered by vendor Citrix
Subscriptions
Total
441 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-16968 | 1 Citrix | 1 Sharefile Storagezones Controller | 2024-11-21 | N/A |
| Citrix ShareFile StorageZones Controller before 5.4.2 allows Directory Traversal. | ||||
| CVE-2018-14007 | 1 Citrix | 1 Xenserver | 2024-11-21 | N/A |
| Citrix XenServer 7.1 and newer allows Directory Traversal. | ||||
| CVE-2018-11053 | 4 Citrix, Dell, Redhat and 1 more | 4 Xenserver, Emc Idrac Service Module, Enterprise Linux and 1 more | 2024-11-21 | 6.5 Medium |
| Dell EMC iDRAC Service Module for all supported Linux and XenServer versions v3.0.1, v3.0.2, v3.1.0, v3.2.0, when started, changes the default file permission of the hosts file of the host operating system (/etc/hosts) to world writable. A malicious low privileged operating system user or process could modify the host file and potentially redirect traffic from the intended destination to sites hosting malicious or unwanted content. | ||||
| CVE-2018-10654 | 1 Citrix | 1 Xenmobile Server | 2024-11-21 | N/A |
| There is a Hazelcast Library Java Deserialization Vulnerability in Citrix XenMobile Server 10.8 before RP2 and 10.7 before RP3. | ||||
| CVE-2018-10653 | 1 Citrix | 1 Xenmobile Server | 2024-11-21 | N/A |
| There is an XML External Entity (XXE) Processing Vulnerability in Citrix XenMobile Server 10.8 before RP2 and 10.7 before RP3. | ||||
| CVE-2018-10652 | 1 Citrix | 1 Xenmobile Server | 2024-11-21 | N/A |
| There is a Sensitive Data Leakage issue in Citrix XenMobile Server 10.7 before RP3. | ||||
| CVE-2018-10651 | 1 Citrix | 1 Xenmobile Server | 2024-11-21 | N/A |
| There are Open Redirect Vulnerabilities in Citrix XenMobile Server 10.8 before RP2 and 10.7 before RP3. | ||||
| CVE-2018-10650 | 1 Citrix | 1 Xenmobile Server | 2024-11-21 | N/A |
| There is an Insufficient Path Validation Vulnerability in Citrix XenMobile Server 10.8 before RP2 and 10.7 before RP3. | ||||
| CVE-2018-10649 | 1 Citrix | 1 Xenmobile Server | 2024-11-21 | N/A |
| There is a Cross-Site Scripting Vulnerability in Citrix XenMobile Server 10.7 before RP3. | ||||
| CVE-2018-10648 | 1 Citrix | 1 Xenmobile Server | 2024-11-21 | N/A |
| There are Unauthenticated File Upload Vulnerabilities in Citrix XenMobile Server 10.8 before RP2 and 10.7 before RP3. | ||||
| CVE-2017-2620 | 5 Citrix, Debian, Qemu and 2 more | 12 Xenserver, Debian Linux, Qemu and 9 more | 2024-11-21 | N/A |
| Quick emulator (QEMU) before 2.8 built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to an out-of-bounds access issue. The issue could occur while copying VGA data in cirrus_bitblt_cputovideo. A privileged user inside guest could use this flaw to crash the QEMU process OR potentially execute arbitrary code on host with privileges of the QEMU process. | ||||
| CVE-2017-2615 | 5 Citrix, Debian, Qemu and 2 more | 12 Xenserver, Debian Linux, Qemu and 9 more | 2024-11-21 | N/A |
| Quick emulator (QEMU) built with the Cirrus CLGD 54xx VGA emulator support is vulnerable to an out-of-bounds access issue. It could occur while copying VGA data via bitblt copy in backward mode. A privileged user inside a guest could use this flaw to crash the QEMU process resulting in DoS or potentially execute arbitrary code on the host with privileges of QEMU process on the host. | ||||
| CVE-2016-9603 | 4 Citrix, Debian, Qemu and 1 more | 10 Xenserver, Debian Linux, Qemu and 7 more | 2024-11-21 | N/A |
| A heap buffer overflow flaw was found in QEMU's Cirrus CLGD 54xx VGA emulator's VNC display driver support before 2.9; the issue could occur when a VNC client attempted to update its display after a VGA operation is performed by a guest. A privileged user/process inside a guest could use this flaw to crash the QEMU process or, potentially, execute arbitrary code on the host with privileges of the QEMU process. | ||||
| CVE-2014-3798 | 1 Citrix | 1 Xenserver | 2024-11-21 | N/A |
| The Windows Guest Tools in Citrix XenServer 6.2 SP1 and earlier allows remote attackers to cause a denial of service (guest OS crash) via a crafted Ethernet frame. | ||||
| CVE-2013-3620 | 2 Citrix, Supermicro | 10 Netscaler, Netscaler Firmware, Netscaler Sd-wan and 7 more | 2024-11-21 | 7.5 High |
| Hardcoded WSMan credentials in Intelligent Platform Management Interface (IPMI) with firmware for Supermicro X9 generation motherboards before 3.15 (SMT_X9_315) and firmware for Supermicro X8 generation motherboards before SMT X8 312. | ||||
| CVE-2013-3619 | 2 Citrix, Supermicro | 10 Netscaler, Netscaler Firmware, Netscaler Sd-wan and 7 more | 2024-11-21 | 8.1 High |
| Intelligent Platform Management Interface (IPMI) with firmware for Supermicro X9 generation motherboards before SMT_X9_317 and firmware for Supermicro X8 generation motherboards before SMT X8 312 contain harcoded private encryption keys for the (1) Lighttpd web server SSL interface and the (2) Dropbear SSH daemon. | ||||
| CVE-2012-4606 | 1 Citrix | 1 Xenserver | 2024-11-21 | 7.8 High |
| Citrix XenServer 4.1, 6.0, 5.6 SP2, 5.6 Feature Pack 1, 5.6 Common Criteria, 5.6, 5.5, 5.0, and 5.0 Update 3 contains a Local Privilege Escalation Vulnerability which could allow local users with access to a guest operating system to gain elevated privileges. | ||||
| CVE-2012-4603 | 2 Citrix, Microsoft | 3 Receiver, Xenapp Online, Windows | 2024-11-21 | 7.8 High |
| Citrix XenApp Online Plug-in for Windows 12.1 and earlier, and Citrix Receiver for Windows 3.2 and earlier could allow remote attackers to execute arbitrary code by convincing a target to open a specially crafted file from an SMB or WebDAV fileserver. | ||||
| CVE-2024-7890 | 1 Citrix | 2 Workspace, Workspace App | 2024-10-22 | 7.3 High |
| Local privilege escalation allows a low-privileged user to gain SYSTEM privileges in Citrix Workspace app for Windows | ||||
| CVE-2024-7889 | 1 Citrix | 2 Workspace, Workspace App | 2024-10-22 | 7.3 High |
| Local privilege escalation allows a low-privileged user to gain SYSTEM privileges in Citrix Workspace app for Windows | ||||