Filtered by vendor Citrix Subscriptions
Total 423 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2022-27511 1 Citrix 1 Application Delivery Management 2024-09-17 8.1 High
Corruption of the system by a remote, unauthenticated user. The impact of this can include the reset of the administrator password at the next device reboot, allowing an attacker with ssh access to connect with the default administrator credentials after the device has rebooted.
CVE-2018-3665 6 Canonical, Citrix, Debian and 3 more 17 Ubuntu Linux, Xenserver, Debian Linux and 14 more 2024-09-17 5.6 Medium
System software utilizing Lazy FP state restore technique on systems using Intel Core-based microprocessors may potentially allow a local process to infer data from another process through a speculative execution side channel.
CVE-2012-4501 2 Apache, Citrix 2 Cloudstack, Cloudstack 2024-09-17 N/A
Citrix Cloud.com CloudStack, and Apache CloudStack pre-release, allows remote attackers to make arbitrary API calls by leveraging the system user account, as demonstrated by API calls to delete VMs.
CVE-2013-2767 1 Citrix 2 Netscaler Access Gateway, Netscaler Access Gateway Firmware 2024-09-17 N/A
Unspecified vulnerability in Citrix NetScaler Access Gateway Enterprise Edition (AGEE) before 9.3.62.4 and 10.x through 10.0.74.4, and NetScaler AGEE Common Criteria build before 9.3.53.6, allows remote attackers to bypass intended intranet access restrictions via unknown vectors.
CVE-2013-2934 1 Citrix 1 Cloudportal Services Manager 2024-09-16 N/A
Citrix CloudPortal Services Manager (aka Cortex) 10.0 before Cumulative Update 3 does not properly restrict access to web services, which has unspecified impact and attack vectors, a different vulnerability than other CVEs listed in CTX137162.
CVE-2022-27512 1 Citrix 1 Application Delivery Management 2024-09-16 5.3 Medium
Temporary disruption of the ADM license service. The impact of this includes preventing new licenses from being issued or renewed by Citrix ADM.
CVE-2013-2938 1 Citrix 1 Cloudportal Services Manager 2024-09-16 N/A
Unspecified vulnerability in Citrix CloudPortal Services Manager (aka Cortex) 10.0 before Cumulative Update 3 has unknown impact and attack vectors, a different vulnerability than other CVEs listed in CTX137162.
CVE-2010-2991 1 Citrix 1 Online Plug-in For Windows For Xenapp \& Xendesktop 2024-09-16 N/A
The IICAClient interface in the ICAClient library in the ICA Client ActiveX Object (aka ICO) component in Citrix Online Plug-in for Windows for XenApp & XenDesktop before 12.0.3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted HTML document that triggers the reading of a .ICA file.
CVE-2013-2933 1 Citrix 1 Cloudportal Services Manager 2024-09-16 N/A
Unspecified vulnerability in Citrix CloudPortal Services Manager (aka Cortex) 10.0 before Cumulative Update 3 has unknown impact and attack vectors, a different vulnerability than other CVEs listed in CTX137162.
CVE-2013-2940 1 Citrix 1 Cloudportal Services Manager 2024-09-16 N/A
Unspecified vulnerability in Citrix CloudPortal Services Manager (aka Cortex) 10.0 before Cumulative Update 3 has unknown impact and attack vectors, a different vulnerability than other CVEs listed in CTX137162.
CVE-2009-2452 1 Citrix 1 Licensing 2024-09-16 N/A
Multiple unspecified vulnerabilities in Citrix Licensing 11.5 have unknown impact and attack vectors, related to "underlying components of the License Management Console."
CVE-2013-2939 1 Citrix 1 Cloudportal Services Manager 2024-09-16 N/A
Unspecified vulnerability in Citrix CloudPortal Services Manager (aka Cortex) 10.0 before Cumulative Update 3 has unknown impact and attack vectors, a different vulnerability than other CVEs listed in CTX137162.
CVE-2009-2454 1 Citrix 1 Web Interface 2024-09-16 N/A
Cross-site scripting (XSS) vulnerability in Citrix Web Interface 4.6, 5.0, and 5.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2005-4412 1 Citrix 1 Program Neighborhood Client 2024-09-16 N/A
Citrix Program Neighborhood client before 9.150 caches the user password in plaintext in the GUI while asterisks are used to visually obfuscate the password, which allows attackers with access to the session to obtain the password by using a tool to directly access the field.
CVE-2022-27505 1 Citrix 24 Sd-wan 1000, Sd-wan 1000 Firmware, Sd-wan 110 and 21 more 2024-09-16 6.1 Medium
Reflected cross site scripting (XSS)
CVE-2013-2936 1 Citrix 1 Cloudportal Services Manager 2024-09-16 N/A
Unspecified vulnerability in Citrix CloudPortal Services Manager (aka Cortex) 10.0 before Cumulative Update 3 has unknown impact and attack vectors, a different vulnerability than other CVEs listed in CTX137162.
CVE-2022-27509 1 Citrix 3 Application Delivery Controller, Application Delivery Controller Firmware, Gateway 2024-09-16 6.1 Medium
Unauthenticated redirection to a malicious website
CVE-2009-2453 1 Citrix 2 Presentation Server, Xenapp 2024-09-16 N/A
Citrix XenApp (formerly Presentation Server) 4.5 Hotfix Rollup Pack 3 does not apply an access policy when it is defined with the Access Gateway Advanced Edition filters, which allows attackers to bypass intended access restrictions via unknown vectors.
CVE-2022-27506 1 Citrix 26 Sd-wan 1000, Sd-wan 1000 Firmware, Sd-wan 110 and 23 more 2024-09-16 2.7 Low
Hard-coded credentials allow administrators to access the shell via the SD-WAN CLI
CVE-2013-6011 1 Citrix 2 Netscaler Application Delivery Controller, Netscaler Application Delivery Controller Firmware 2024-09-16 N/A
Citrix NetScaler Application Delivery Controller (ADC) 10.0 before 10.0-76.7 allows remote attackers to cause a denial of service (nsconfigd crash and appliance reboot) via a crafted request.