VYPR

Vendor CVEs

Citrix Systems

All CVEs

387 total · sorted by risk
  • CVE-2016-9680 · High · Jan 18, 2017
    risk 0.49 · cvss 7.5 · epss 0.02

    Citrix Provisioning Services before 7.12 allows attackers to obtain sensitive information from kernel memory via unspecified vectors.

  • CVE-2016-6273 · High · Oct 7, 2016
    risk 0.49 · cvss 7.5 · epss 0.02

    The lmadmin component in Flexera FlexNet Publisher (aka Flex License Manager) before 2015 SP5 and 2016 before R1 SP1, as used by Citrix License Server for Windows before 11.14.0.1 and Citrix License Server VPX before 11.14.0.1, allows remote attackers to cause a denial of…

  • CVE-2016-4810 · High · Jun 1, 2016
    risk 0.49 · cvss 7.5 · epss 0.01

    Citrix Studio before 7.6.1000, Citrix XenDesktop 7.x before 7.6 LTSR Cumulative Update 1 (CU1), and Citrix XenApp 7.5 and 7.6 allow attackers to set Access Policy rules on the XenDesktop Delivery Controller via unspecified vectors.

  • CVE-2017-14602 · High · Sep 26, 2017
    risk 0.47 · cvss 7.2 · epss 0.02

    A vulnerability has been identified in the management interface of Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 10.1 before build 135.18, 10.5 before build 66.9, 10.5e before build 60.7010.e, 11.0 before build 70.16, 11.1 before build 55.13, and…

  • CVE-2016-9111 · Medium · Nov 7, 2016
    risk 0.47 · cvss 6.8 · epss 0.02

    Incorrect access control mechanisms in Citrix Receiver Desktop Lock 4.5 allow an attacker to bypass the authentication requirement by leveraging physical access to a VDI for temporary disconnection of a LAN cable. NOTE: as of 20161208, the vendor could not reproduce the issue,…

  • CVE-2017-17382 · Medium · Dec 13, 2017
    risk 0.42 · cvss 5.9 · epss 0.14

    Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 10.5 before build 67.13, 11.0 before build 71.22, 11.1 before build 56.19, and 12.0 before build 53.22 might allow remote attackers to decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA…

  • CVE-2017-14318 · Medium · Sep 12, 2017
    risk 0.42 · cvss 6.5 · epss 0.00

    An issue was discovered in Xen 4.5.x through 4.9.x. The function `__gnttab_cache_flush` handles GNTTABOP_cache_flush grant table operations. It checks to see if the calling domain is the owner of the page that is to be operated on. If it is not, the owner's grant table is…

  • CVE-2017-12855 · Medium · Aug 15, 2017
    risk 0.42 · cvss 6.5 · epss 0.00

    Xen maintains the _GTF_{read,writ}ing bits as appropriate, to inform the guest that a grant is in use. A guest is expected not to modify the grant details while it is in use, whereas the guest is free to modify/reuse the grant entry when it is not in use. Under some…

  • CVE-2017-5572 · Medium · Jan 30, 2017
    risk 0.42 · cvss 6.5 · epss 0.01

    An issue was discovered in Linux Foundation xapi in Citrix XenServer through 7.0. An authenticated read-only administrator can corrupt the host database.

  • CVE-2009-2213 · Medium · Jun 25, 2009
    risk 0.42 · cvss 6.5 · epss 0.02

    The default configuration of the Security global settings on the Citrix NetScaler Access Gateway appliance with Enterprise Edition firmware 9.0, 8.1, and earlier specifies Allow for the Default Authorization Action option, which might allow remote authenticated users to bypass…

  • CVE-2016-1571 · Medium · Jan 22, 2016
    risk 0.41 · cvss 6.3 · epss 0.01

    The paging_invlpg function in include/asm-x86/paging.h in Xen 3.3.x through 4.6.x, when using shadow mode paging or nested virtualization is enabled, allows local HVM guest users to cause a denial of service (host crash) via a non-canonical guest address in an INVVPID…

  • CVE-2025-1223 · Medium · Feb 20, 2025
    risk 0.40 · cvss 6.1 · epss 0.00

    An attacker can gain application privileges in order to perform limited modification and/or read arbitrary data in Citrix Secure Access Client for Mac

  • CVE-2025-1222 · Medium · Feb 20, 2025
    risk 0.40 · cvss 6.1 · epss 0.00

    An attacker can gain application privileges in order to perform limited modification and/or read arbitrary data in Citrix Secure Access Client for Mac

  • CVE-2018-10651 · Medium · May 23, 2018
    risk 0.40 · cvss 6.1 · epss 0.01

    There are Open Redirect Vulnerabilities in Citrix XenMobile Server 10.8 before RP2 and 10.7 before RP3.

  • CVE-2018-10649 · Medium · May 23, 2018
    risk 0.40 · cvss 6.1 · epss 0.01

    There is a Cross-Site Scripting Vulnerability in Citrix XenMobile Server 10.7 before RP3.

  • CVE-2018-6811 · Medium · Mar 6, 2018
    risk 0.40 · cvss 6.1 · epss 0.01

    Multiple cross-site scripting (XSS) vulnerabilities in Citrix NetScaler ADC 10.5, 11.0, 11.1, and 12.0, and NetScaler Gateway 10.5, 11.0, 11.1, and 12.0 allow remote attackers to inject arbitrary web script or HTML via the Citrix NetScaler interface.

  • CVE-2016-6259 · Medium · Aug 2, 2016
    risk 0.40 · cvss 6.2 · epss 0.01

    Xen 4.5.x through 4.7.x do not implement Supervisor Mode Access Prevention (SMAP) whitelisting in 32-bit exception and event delivery, which allows local 32-bit PV guest OS kernels to cause a denial of service (hypervisor and VM crash) by triggering a safety check.

  • CVE-2016-5433 · Medium · Jun 17, 2016
    risk 0.40 · cvss 6.1 · epss 0.00

    Citrix iOS Receiver before 7.0 allows attackers to cause TLS certificates to be incorrectly validated via unspecified vectors.

  • CVE-2016-4945 · Medium · Jun 1, 2016
    risk 0.40 · cvss 6.1 · epss 0.01

    Cross-site scripting (XSS) vulnerability in vpn/js/gateway_login_form_view.js in Citrix NetScaler Gateway 11.0 before Build 66.11 allows remote attackers to inject arbitrary web script or HTML via the NSC_TMAC cookie.

  • CVE-2016-2789 · Medium · Apr 7, 2016
    risk 0.40 · cvss 6.1 · epss 0.01

    Cross-site scripting (XSS) vulnerability in the Web User Interface in Citrix XenMobile Server 10.0, 10.1 before Rolling Patch 4, and 10.3 before Rolling Patch 1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

  • CVE-2016-2072 · Medium · Feb 17, 2016
    risk 0.40 · cvss 6.1 · epss 0.01

    The Administrative Web Interface in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 11.x before 11.0 Build 64.34, 10.5 before 10.5 Build 59.13, 10.5.e before Build 59.1305.e, and 10.1 allows remote attackers to conduct clickjacking attacks via…

  • CVE-2025-12101 · Medium · Nov 11, 2025
    risk 0.39 · cvss n/a · epss 0.25

    Cross-Site Scripting (XSS) in NetScaler ADC and NetScaler Gateway when the appliance is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server

  • CVE-2017-5933 · Medium · Feb 8, 2017
    risk 0.39 · cvss 5.9 · epss 0.03

    Citrix NetScaler ADC and NetScaler Gateway 10.5 before Build 65.11, 11.0 before Build 69.12/69.123, and 11.1 before Build 51.21 randomly generates GCM nonces, which makes it marginally easier for remote attackers to obtain the GCM authentication key and spoof data by leveraging…

  • CVE-2016-10024 · Medium · Jan 26, 2017
    risk 0.39 · cvss 6.0 · epss 0.00

    Xen through 4.8.x allows local x86 PV guest OS kernel administrators to cause a denial of service (host hang or crash) by modifying the instruction stream asynchronously while performing certain kernel operations.

  • CVE-2016-9385 · Medium · Jan 23, 2017
    risk 0.39 · cvss 6.0 · epss 0.00

    The x86 segment base write emulation functionality in Xen 4.4.x through 4.7.x allows local x86 PV guest OS administrators to cause a denial of service (host crash) by leveraging lack of canonical address checks.

  • CVE-2017-17549 · Medium · Dec 13, 2017
    risk 0.38 · cvss 5.9 · epss 0.02

    Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 10.5 before build 67.13, 11.0 before build 71.22, 11.1 before build 56.19, and 12.0 before build 53.22 allow remote attackers to obtain sensitive information from the backend client TLS handshake by…

  • CVE-2015-3642 · Medium · Aug 2, 2017
    risk 0.38 · cvss 5.9 · epss 0.01

    The TLS and DTLS processing functionality in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway devices with firmware 9.x before 9.3 Build 68.5, 10.0 through Build 78.6, 10.1 before Build 130.13, 10.1.e before Build 130.1302.e, 10.5 before Build 55.8,…

  • CVE-2017-17565 · Medium · Dec 12, 2017
    risk 0.36 · cvss 5.6 · epss 0.00

    An issue was discovered in Xen through 4.9.x allowing PV guest OS users to cause a denial of service (host OS crash) if shadow mode and log-dirty mode are in place, because of an incorrect assertion related to M2P.

  • CVE-2016-10025 · Medium · Jan 26, 2017
    risk 0.36 · cvss 5.5 · epss 0.00

    VMFUNC emulation in Xen 4.6.x through 4.8.x on x86 systems using AMD virtualization extensions (aka SVM) allows local HVM guest OS users to cause a denial of service (hypervisor crash) by leveraging a missing NULL pointer check.

  • CVE-2016-3712 · Medium · May 11, 2016
    risk 0.36 · cvss 5.5 · epss 0.01

    Integer overflow in the VGA module in QEMU allows local guest OS users to cause a denial of service (out-of-bounds read and QEMU process crash) by editing VGA registers in VBE mode.

  • CVE-2016-6877 · Medium · May 5, 2017
    risk 0.35 · cvss 5.3 · epss 0.01

    Citrix XenMobile Server before 10.5.0.24 allows man-in-the-middle attackers to trigger HTTP 302 redirections via vectors involving the HTTP Host header and a cached page. NOTE: the vendor reports "our internal analysis of this issue concluded that this was not a valid…

  • CVE-2016-9677 · Medium · Jan 18, 2017
    risk 0.35 · cvss 5.3 · epss 0.01

    Citrix Provisioning Services before 7.12 allows attackers to obtain sensitive kernel address information via unspecified vectors.

  • CVE-2017-5573 · Medium · Jan 30, 2017
    risk 0.32 · cvss 4.9 · epss 0.01

    An issue was discovered in Linux Foundation xapi in Citrix XenServer through 7.0. An authenticated read-only administrator can cancel tasks of other administrators.

  • CVE-2023-4966 · KEV · Oct 10, 2023
    risk 0.29 · cvss n/a · epss 1.00

    Sensitive information disclosure in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server.

  • CVE-2021-42237 · KEV · Nov 5, 2021
    risk 0.29 · cvss n/a · epss 0.99

    Sitecore XP 7.5 Initial Release to Sitecore XP 8.2 Update-7 is vulnerable to an insecure deserialization attack where it is possible to achieve remote command execution on the machine. No authentication or special configuration is required to exploit this vulnerability.

  • CVE-2019-19781 · KEV · Dec 27, 2019
    risk 0.29 · cvss n/a · epss 1.00

    An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0. They allow Directory Traversal.

  • CVE-2023-3519 · KEV · Jul 19, 2023
    risk 0.28 · cvss n/a · epss 0.99

    Unauthenticated remote code execution

  • CVE-2018-16969 · Medium · Sep 26, 2018
    risk 0.28 · cvss 4.3 · epss 0.01

    Citrix ShareFile StorageZones Controller before 5.4.2 has Information Exposure Through an Error Message.

  • CVE-2016-5109 · Medium · Jul 13, 2016
    risk 0.28 · cvss 4.3 · epss 0.00

    Citrix Worx Home for iOS before 10.3.6 and XenMobile MDX Toolkit for iOS before 10.3.6 might allow physically proximate attackers to bypass in-application Apple Touch ID authentication via unspecified vectors, related to an application requiring re-authentication.

  • CVE-2025-5777 · KEV · Jun 17, 2025
    risk 0.26 · cvss n/a · epss 1.00

    Insufficient input validation leading to memory overread when the NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server

  • CVE-2019-13608 · KEV · Aug 29, 2019
    risk 0.24 · cvss n/a · epss 0.28

    Citrix StoreFront Server before 1903, 7.15 LTSR before CU4 (3.12.4000), and 7.6 LTSR before CU8 (3.0.8000) allows XXE attacks.

  • CVE-2019-12989 · KEV · Jul 16, 2019
    risk 0.22 · cvss n/a · epss 0.94

    Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 allow SQL Injection.

  • CVE-2019-11634 · KEV · May 22, 2019
    risk 0.22 · cvss n/a · epss 0.08

    Citrix Workspace App before 1904 for Windows has Incorrect Access Control.

  • CVE-2019-12991 · KEV · Jul 16, 2019
    risk 0.21 · cvss n/a · epss 0.74

    Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 5 of 6).

  • CVE-2020-8193 · KEV · Jul 10, 2020
    risk 0.20 · cvss n/a · epss 0.88

    Improper access control in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 allows unauthenticated access to certain URL endpoints.

  • CVE-2018-16968 · Low · Sep 26, 2018
    risk 0.20 · cvss 3.1 · epss 0.01

    Citrix ShareFile StorageZones Controller before 5.4.2 allows Directory Traversal.

  • CVE-2023-6549 · KEV · Jan 17, 2024
    risk 0.18 · cvss n/a · epss 0.58

    Improper Restriction of Operations within the Bounds of a Memory Buffer in NetScaler ADC and NetScaler Gateway allows Unauthenticated Denial of Service and Out-Of-Bounds Memory Read

  • CVE-2020-8195 · KEV · Jul 10, 2020
    risk 0.18 · cvss n/a · epss 0.33

    Improper input validation in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 resulting in limited information disclosure to low privileged users.

  • CVE-2020-8196 · KEV · Jul 10, 2020
    risk 0.17 · cvss n/a · epss 0.26

    Improper access control in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 resulting in limited information disclosure to low privileged users.

  • CVE-2024-8069 · KEV · Nov 12, 2024
    risk 0.16 · cvss n/a · epss 0.15

    Limited remote code execution with privilege of a NetworkService Account access in Citrix Session Recording if the attacker is an authenticated user on the same intranet as the session recording server

Page 2 of 8