Filtered by vendor Citrix
Subscriptions
Total
423 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2010-0633 | 1 Citrix | 1 Xenserver | 2024-09-16 | N/A |
Unspecified vulnerability in Citrix XenServer 5.0 Update 3 and earlier, and 5.5, allows local users to bypass authentication and execute unspecified Xen API (XAPI) calls via unknown vectors. | ||||
CVE-2018-11053 | 4 Citrix, Dell, Redhat and 1 more | 4 Xenserver, Emc Idrac Service Module, Enterprise Linux and 1 more | 2024-09-16 | 6.5 Medium |
Dell EMC iDRAC Service Module for all supported Linux and XenServer versions v3.0.1, v3.0.2, v3.1.0, v3.2.0, when started, changes the default file permission of the hosts file of the host operating system (/etc/hosts) to world writable. A malicious low privileged operating system user or process could modify the host file and potentially redirect traffic from the intended destination to sites hosting malicious or unwanted content. | ||||
CVE-2024-6148 | 1 Citrix | 1 Workspace | 2024-09-05 | 8.8 High |
Bypass of GACS Policy Configuration settings in Citrix Workspace app for HTML5 | ||||
CVE-2023-31021 | 7 Canonical, Citrix, Linux-kvm and 4 more | 7 Ubuntu Linux, Hypervisor, Kernel Virtual Machine and 4 more | 2024-09-05 | 5.5 Medium |
NVIDIA vGPU software for Windows and Linux contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where a malicious user in the guest VM can cause a NULL-pointer dereference, which may lead to denial of service. | ||||
CVE-2023-31026 | 6 Canonical, Citrix, Linux-kvm and 3 more | 6 Ubuntu Linux, Hypervisor, Kernel Virtual Machine and 3 more | 2024-09-05 | 6 Medium |
NVIDIA vGPU software for Windows and Linux contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where a NULL-pointer dereference may lead to denial of service. | ||||
CVE-2024-0093 | 5 Canonical, Citrix, Nvidia and 2 more | 6 Ubuntu Linux, Hypervisor, Cloud Gaming and 3 more | 2024-08-19 | 6.5 Medium |
NVIDIA GPU software for Linux contains a vulnerability where it can expose sensitive information to an actor that is not explicitly authorized to have access to that information. A successful exploit of this vulnerability might lead to information disclosure. | ||||
CVE-2024-0085 | 6 Canonical, Citrix, Microsoft and 3 more | 7 Ubuntu Linux, Hypervisor, Azure Stack Hci and 4 more | 2024-08-19 | 6.3 Medium |
NVIDIA vGPU software for Windows and Linux contains a vulnerability where unprivileged users could execute privileged operations on the host. A successful exploit of this vulnerability might lead to data tampering, escalation of privileges, and denial of service. | ||||
CVE-2024-0092 | 6 Canonical, Citrix, Microsoft and 3 more | 14 Ubuntu Linux, Hypervisor, Azure Stack Hci and 11 more | 2024-08-15 | 5.5 Medium |
NVIDIA GPU Driver for Windows and Linux contains a vulnerability where an improper check or improper handling of exception conditions might lead to denial of service. | ||||
CVE-2024-0091 | 7 Canonical, Citrix, Linux and 4 more | 16 Ubuntu Linux, Hypervisor, Linux Kernel and 13 more | 2024-08-15 | 7.8 High |
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability where a user can cause an untrusted pointer dereference by executing a driver API. A successful exploit of this vulnerability might lead to denial of service, information disclosure, and data tampering. | ||||
CVE-2024-0090 | 7 Canonical, Citrix, Linux and 4 more | 16 Ubuntu Linux, Hypervisor, Linux Kernel and 13 more | 2024-08-15 | 7.8 High |
NVIDIA GPU driver for Windows and Linux contains a vulnerability where a user can cause an out-of-bounds write. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. | ||||
CVE-2024-0086 | 5 Canonical, Citrix, Nvidia and 2 more | 6 Ubuntu Linux, Hypervisor, Cloud Gaming and 3 more | 2024-08-15 | 5.5 Medium |
NVIDIA vGPU software for Linux contains a vulnerability where the software can dereference a NULL pointer. A successful exploit of this vulnerability might lead to denial of service and undefined behavior in the vGPU plugin. | ||||
CVE-2024-0084 | 5 Canonical, Citrix, Nvidia and 2 more | 6 Ubuntu Linux, Hypervisor, Cloud Gaming and 3 more | 2024-08-15 | 7.8 High |
NVIDIA vGPU software for Linux contains a vulnerability in the Virtual GPU Manager, where the guest OS could execute privileged operations. A successful exploit of this vulnerability might lead to information disclosure, data tampering, escalation of privileges, and denial of service. | ||||
CVE-2023-4966 | 1 Citrix | 2 Netscaler Application Delivery Controller, Netscaler Gateway | 2024-08-14 | 9.4 Critical |
Sensitive information disclosure in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server. | ||||
CVE-2000-0244 | 1 Citrix | 2 Metaframe, Winframe | 2024-08-08 | N/A |
The Citrix ICA (Independent Computing Architecture) protocol uses weak encryption (XOR) for user authentication. | ||||
CVE-2001-1192 | 1 Citrix | 1 Ica Client | 2024-08-08 | N/A |
Citrix Independent Computing Architecture (ICA) Client for Windows 6.1 allows remote malicious web sites to execute arbitrary code via a .ICA file, which is downloaded and automatically executed by the client. | ||||
CVE-2001-0908 | 1 Citrix | 1 Metaframe | 2024-08-08 | N/A |
CITRIX Metaframe 1.8 logs the Client Address (IP address) that is provided by the client instead of obtaining it from the packet headers, which allows clients to spoof their public IP address, e.g. through Network Address Translation (NAT). | ||||
CVE-2001-0760 | 1 Citrix | 1 Nfuse | 2024-08-08 | N/A |
Citrix Nfuse 1.51 allows remote attackers to obtain the absolute path of the web root via a malformed request to launch.asp that does not provide the session field. | ||||
CVE-2001-0716 | 1 Citrix | 1 Metaframe | 2024-08-08 | N/A |
Citrix MetaFrame 1.8 Server with Service Pack 3, and XP Server Service Pack 1 and earlier, allows remote attackers to cause a denial of service (crash) via a large number of incomplete connections to the server. | ||||
CVE-2002-2426 | 1 Citrix | 3 Access Essentials, Metaframe Presentation Server, Presentation Server | 2024-08-08 | N/A |
Cross-site request forgery (CSRF) vulnerability in Citrix Presentation Server 4.0 and 4.5, MetaFrame Presentation Server 3.0, and Access Essentials 1.0 through 2.0 allows remote attackers to execute arbitrary published applications, and possibly other programs, as authenticated users via the InitialProgram key in an ICA connection. NOTE: some of these details are obtained from third party information. | ||||
CVE-2002-0502 | 1 Citrix | 1 Nfuse | 2024-08-08 | N/A |
Citrix NFuse 1.6 may allow remote attackers to list applications without authentication by accessing the applist.asp page. |