Filtered by vendor Citrix
Subscribe
Total
412 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-24489 | 1 Citrix | 1 Sharefile Storage Zones Controller | 2023-07-18 | N/A | 9.8 CRITICAL |
| A vulnerability has been discovered in the customer-managed ShareFile storage zones controller which, if exploited, could allow an unauthenticated attacker to remotely compromise the customer-managed ShareFile storage zones controller. | |||||
| CVE-2023-24486 | 1 Citrix | 1 Workspace | 2023-07-18 | N/A | 5.5 MEDIUM |
| A vulnerability has been identified in Citrix Workspace app for Linux that, if exploited, may result in a malicious local user being able to gain access to the Citrix Virtual Apps and Desktops session of another user who is using the same computer from which the ICA session is launched. | |||||
| CVE-2023-24490 | 1 Citrix | 2 Linux Virtual Delivery Agent, Virtual Apps And Desktops | 2023-07-18 | N/A | 4.3 MEDIUM |
| Users with only access to launch VDA applications can launch an unauthorized desktop | |||||
| CVE-2022-27511 | 1 Citrix | 1 Application Delivery Management | 2023-07-18 | 7.8 HIGH | 8.1 HIGH |
| Corruption of the system by a remote, unauthenticated user. The impact of this can include the reset of the administrator password at the next device reboot, allowing an attacker with ssh access to connect with the default administrator credentials after the device has rebooted. | |||||
| CVE-2023-25517 | 4 Citrix, Nvidia, Redhat and 1 more | 4 Hypervisor, Gpu Display Driver, Enterprise Linux Kernel-based Virtual Machine and 1 more | 2023-07-12 | N/A | 7.1 HIGH |
| NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where a guest OS may be able to control resources for which it is not authorized, which may lead to information disclosure and data tampering. | |||||
| CVE-2022-21825 | 1 Citrix | 1 Workspace | 2023-06-27 | 4.6 MEDIUM | 7.8 HIGH |
| An Improper Access Control vulnerability exists in Citrix Workspace App for Linux 2012 - 2111 with App Protection installed that can allow an attacker to perform local privilege escalation. | |||||
| CVE-2022-20717 | 2 Cisco, Citrix | 9 1100 Integrated Services Router, Sd-wan Vedge Router, Sd-wan 1000 and 6 more | 2023-05-22 | 4.9 MEDIUM | 5.5 MEDIUM |
| A vulnerability in the NETCONF process of Cisco SD-WAN vEdge Routers could allow an authenticated, local attacker to cause an affected device to run out of memory, resulting in a denial of service (DoS) condition. This vulnerability is due to insufficient memory management when an affected device receives large amounts of traffic. An attacker could exploit this vulnerability by sending malicious traffic to an affected device. A successful exploit could allow the attacker to cause the device to crash, resulting in a DoS condition. | |||||
| CVE-2022-34675 | 3 Citrix, Nvidia, Redhat | 9 Hypervisor, Cloud Gaming, Geforce and 6 more | 2023-05-11 | N/A | 5.5 MEDIUM |
| NVIDIA Display Driver for Linux contains a vulnerability in the Virtual GPU Manager, where it does not check the return value from a null-pointer dereference, which may lead to denial of service. | |||||
| CVE-2023-0192 | 4 Citrix, Nvidia, Redhat and 1 more | 4 Hypervisor, Virtual Gpu, Enterprise Linux Kernel-based Virtual Machine and 1 more | 2023-04-10 | N/A | 7.8 HIGH |
| NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer handler, where improper privilege management can lead to escalation of privileges and information disclosure. | |||||
| CVE-2023-0197 | 4 Citrix, Nvidia, Redhat and 1 more | 4 Hypervisor, Virtual Gpu, Enterprise Linux Kernel-based Virtual Machine and 1 more | 2023-04-10 | N/A | 6.5 MEDIUM |
| NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where a malicious user in a guest VM can cause a NULL-pointer dereference, which may lead to denial of service. | |||||
| CVE-2023-24483 | 2 Citrix, Microsoft | 2 Virtual Apps And Desktops, Windows | 2023-02-24 | N/A | 7.8 HIGH |
| A vulnerability has been identified that, if exploited, could result in a local user elevating their privilege level to NT AUTHORITY\SYSTEM on a Citrix Virtual Apps and Desktops Windows VDA. | |||||
| CVE-2023-24484 | 1 Citrix | 1 Workspace | 2023-02-24 | N/A | 5.5 MEDIUM |
| A malicious user can cause log files to be written to a directory that they do not have permission to write to. | |||||
| CVE-2023-24485 | 1 Citrix | 1 Workspace | 2023-02-24 | N/A | 7.8 HIGH |
| Vulnerabilities have been identified that, collectively, allow a standard Windows user to perform operations as SYSTEM on the computer running Citrix Workspace app. | |||||
| CVE-2017-2615 | 5 Citrix, Debian, Qemu and 2 more | 10 Xenserver, Debian Linux, Qemu and 7 more | 2023-02-12 | 9.0 HIGH | 9.1 CRITICAL |
| Quick emulator (QEMU) built with the Cirrus CLGD 54xx VGA emulator support is vulnerable to an out-of-bounds access issue. It could occur while copying VGA data via bitblt copy in backward mode. A privileged user inside a guest could use this flaw to crash the QEMU process resulting in DoS or potentially execute arbitrary code on the host with privileges of QEMU process on the host. | |||||
| CVE-2016-3712 | 6 Canonical, Citrix, Debian and 3 more | 11 Ubuntu Linux, Xenserver, Debian Linux and 8 more | 2023-02-12 | 2.1 LOW | 5.5 MEDIUM |
| Integer overflow in the VGA module in QEMU allows local guest OS users to cause a denial of service (out-of-bounds read and QEMU process crash) by editing VGA registers in VBE mode. | |||||
| CVE-2022-27508 | 1 Citrix | 2 Application Delivery Controller, Gateway | 2023-02-01 | N/A | 7.5 HIGH |
| Unauthenticated denial of service | |||||
| CVE-2022-27507 | 1 Citrix | 2 Application Delivery Controller, Gateway | 2023-02-01 | N/A | 6.5 MEDIUM |
| Authenticated denial of service | |||||
| CVE-2019-19781 | 1 Citrix | 6 Application Delivery Controller, Application Delivery Controller Firmware, Gateway and 3 more | 2023-01-20 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0. They allow Directory Traversal. | |||||
| CVE-2022-42262 | 5 Citrix, Linux, Nvidia and 2 more | 12 Hypervisor, Linux Kernel, Cloud Gaming and 9 more | 2023-01-11 | N/A | 7.8 HIGH |
| NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where an input index is not validated, which may lead to buffer overrun, which in turn may cause data tampering, information disclosure, or denial of service. | |||||
| CVE-2019-18177 | 1 Citrix | 3 Application Delivery Controller, Application Delivery Controller Firmware, Gateway | 2023-01-05 | N/A | 6.5 MEDIUM |
| In certain Citrix products, information disclosure can be achieved by an authenticated VPN user when there is a configured SSL VPN endpoint. This affects Citrix ADC and Citrix Gateway 13.0-58.30 and later releases before the CTX276688 update. | |||||