Filtered by vendor Citrix
Subscriptions
Total
450 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-5492 | 1 Citrix | 2 Netscaler Application Delivery Controller, Netscaler Gateway | 2025-07-25 | 6.1 Medium |
| Open redirect vulnerability allows a remote unauthenticated attacker to redirect users to arbitrary websites in NetScaler ADC and NetScaler Gateway | ||||
| CVE-2024-5491 | 1 Citrix | 2 Netscaler Application Delivery Controller, Netscaler Gateway | 2025-07-25 | 7.5 High |
| Denial of Service in NetScaler ADC and NetScaler Gateway in NetScaler | ||||
| CVE-2024-6149 | 1 Citrix | 1 Workspace | 2025-07-25 | 6.1 Medium |
| Redirection of users to a vulnerable URL in Citrix Workspace app for HTML5 | ||||
| CVE-2023-6184 | 1 Citrix | 1 Virtual Apps And Desktops | 2025-06-02 | 5 Medium |
| Cross SiteScripting vulnerability in Citrix Session Recording allows attacker to perform Cross Site Scripting | ||||
| CVE-2024-6235 | 1 Citrix | 1 Netscaler Console | 2025-05-14 | 8.8 High |
| Sensitive information disclosure in NetScaler Console | ||||
| CVE-2022-27513 | 1 Citrix | 3 Application Delivery Controller, Application Delivery Controller Firmware, Gateway | 2025-05-01 | 8.3 High |
| Remote desktop takeover via phishing | ||||
| CVE-2022-27510 | 1 Citrix | 3 Application Delivery Controller, Application Delivery Controller Firmware, Gateway | 2025-05-01 | 9.8 Critical |
| Unauthorized access to Gateway user capabilities | ||||
| CVE-2022-27516 | 1 Citrix | 3 Application Delivery Controller, Application Delivery Controller Firmware, Gateway | 2025-05-01 | 5.3 Medium |
| User login brute force protection functionality bypass | ||||
| CVE-2022-34666 | 5 Citrix, Linux, Microsoft and 2 more | 6 Hypervisor, Linux Kernel, Windows and 3 more | 2025-05-01 | 6.5 Medium |
| NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where a local user with basic capabilities can cause a null-pointer dereference, which may lead to denial of service. | ||||
| CVE-2022-34679 | 5 Citrix, Linux, Nvidia and 2 more | 6 Hypervisor, Linux Kernel, Cloud Gaming and 3 more | 2025-04-23 | 5.5 Medium |
| NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an unhandled return value can lead to a null-pointer dereference, which may lead to denial of service. | ||||
| CVE-2022-42255 | 5 Citrix, Linux, Nvidia and 2 more | 6 Hypervisor, Linux Kernel, Cloud Gaming and 3 more | 2025-04-23 | 5.3 Medium |
| NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an out-of-bounds array access may lead to denial of service, information disclosure, or data tampering. | ||||
| CVE-2022-42257 | 6 Citrix, Debian, Linux and 3 more | 13 Hypervisor, Debian Linux, Linux Kernel and 10 more | 2025-04-23 | 5.3 Medium |
| NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an integer overflow may lead to information disclosure, data tampering or denial of service. | ||||
| CVE-2015-7704 | 6 Citrix, Debian, Mcafee and 3 more | 16 Xenserver, Debian Linux, Enterprise Security Manager and 13 more | 2025-04-20 | 7.5 High |
| The ntpd client in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service via a number of crafted "KOD" messages. | ||||
| CVE-2017-12134 | 2 Citrix, Xen | 2 Xenserver, Xen | 2025-04-20 | N/A |
| The xen_biovec_phys_mergeable function in drivers/xen/biomerge.c in Xen might allow local OS guest users to corrupt block device data streams and consequently obtain sensitive memory information, cause a denial of service, or gain host OS privileges by leveraging incorrect block IO merge-ability calculation. | ||||
| CVE-2016-10025 | 2 Citrix, Xen | 2 Xenserver, Xen | 2025-04-20 | N/A |
| VMFUNC emulation in Xen 4.6.x through 4.8.x on x86 systems using AMD virtualization extensions (aka SVM) allows local HVM guest OS users to cause a denial of service (hypervisor crash) by leveraging a missing NULL pointer check. | ||||
| CVE-2016-6877 | 1 Citrix | 1 Xenmobile Server | 2025-04-20 | N/A |
| Citrix XenMobile Server before 10.5.0.24 allows man-in-the-middle attackers to trigger HTTP 302 redirections via vectors involving the HTTP Host header and a cached page. NOTE: the vendor reports "our internal analysis of this issue concluded that this was not a valid vulnerability" because an exploitation scenario would involve a man-in-the-middle attack against a TLS session | ||||
| CVE-2016-9383 | 2 Citrix, Xen | 2 Xenserver, Xen | 2025-04-20 | N/A |
| Xen, when running on a 64-bit hypervisor, allows local x86 guest OS users to modify arbitrary memory and consequently obtain sensitive information, cause a denial of service (host crash), or execute arbitrary code on the host by leveraging broken emulation of bit test instructions. | ||||
| CVE-2016-9678 | 1 Citrix | 1 Provisioning Services | 2025-04-20 | N/A |
| Use-after-free vulnerability in Citrix Provisioning Services before 7.12 allows attackers to execute arbitrary code via unspecified vectors. | ||||
| CVE-2016-9385 | 2 Citrix, Xen | 2 Xenserver, Xen | 2025-04-20 | N/A |
| The x86 segment base write emulation functionality in Xen 4.4.x through 4.7.x allows local x86 PV guest OS administrators to cause a denial of service (host crash) by leveraging lack of canonical address checks. | ||||
| CVE-2016-9380 | 2 Citrix, Xen | 2 Xenserver, Xen | 2025-04-20 | N/A |
| The pygrub boot loader emulator in Xen, when nul-delimited output format is requested, allows local pygrub-using guest OS administrators to read or delete arbitrary files on the host via NUL bytes in the bootloader configuration file. | ||||