Filtered by vendor Citrix
Subscribe
Total
380 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2013-6938 | 1 Citrix | 1 Netscaler Application Delivery Controller Firmware | 2014-03-11 | 5.0 MEDIUM | N/A |
Unspecified vulnerability in the Service VM in Citrix NetScaler SDX 9.3 before 9.3-64.4 and 10.0 before 10.0-77.5 and Application Delivery Controller (ADC) 9.3.x before 9.3-64.4, 10.0 before 10.0-77.5, and 10.1 before 10.1-118.7 allows attackers to cause a denial of service via unknown vectors, related to the "Virtual Machine Daemon." | |||||
CVE-2013-6939 | 1 Citrix | 1 Netscaler Application Delivery Controller Firmware | 2014-03-11 | 5.0 MEDIUM | N/A |
Unspecified vulnerability in Citrix NetScaler Application Delivery Controller (ADC) 9.3.x before 9.3-64.4, 10.0 before 10.0-77.5, and 10.1 before 10.1-118.7 allows attackers to cause a denial of service via unknown vectors, related to "RADIUS authentication." | |||||
CVE-2013-6077 | 1 Citrix | 1 Xendesktop | 2013-11-06 | 5.8 MEDIUM | N/A |
Citrix XenDesktop 7.0, when upgraded from XenDesktop 5.x, does not properly enforce policy rule permissions, which allows remote attackers to bypass intended restrictions. | |||||
CVE-2013-6011 | 1 Citrix | 2 Netscaler Application Delivery Controller, Netscaler Application Delivery Controller Firmware | 2013-10-07 | 7.8 HIGH | N/A |
Citrix NetScaler Application Delivery Controller (ADC) 10.0 before 10.0-76.7 allows remote attackers to cause a denial of service (nsconfigd crash and appliance reboot) via a crafted request. | |||||
CVE-2013-2933 | 1 Citrix | 1 Cloudportal Services Manager | 2013-09-13 | 10.0 HIGH | N/A |
Unspecified vulnerability in Citrix CloudPortal Services Manager (aka Cortex) 10.0 before Cumulative Update 3 has unknown impact and attack vectors, a different vulnerability than other CVEs listed in CTX137162. | |||||
CVE-2013-2935 | 1 Citrix | 1 Cloudportal Services Manager | 2013-09-13 | 10.0 HIGH | N/A |
Unspecified vulnerability in Citrix CloudPortal Services Manager (aka Cortex) 10.0 before Cumulative Update 3 has unknown impact and attack vectors, a different vulnerability than other CVEs listed in CTX137162. | |||||
CVE-2013-2938 | 1 Citrix | 1 Cloudportal Services Manager | 2013-09-13 | 10.0 HIGH | N/A |
Unspecified vulnerability in Citrix CloudPortal Services Manager (aka Cortex) 10.0 before Cumulative Update 3 has unknown impact and attack vectors, a different vulnerability than other CVEs listed in CTX137162. | |||||
CVE-2013-2937 | 1 Citrix | 1 Cloudportal Services Manager | 2013-09-13 | 10.0 HIGH | N/A |
Unspecified vulnerability in Citrix CloudPortal Services Manager (aka Cortex) 10.0 before Cumulative Update 3 has unknown impact and attack vectors, related to debugging messages, a different vulnerability than other CVEs listed in CTX137162. | |||||
CVE-2013-2939 | 1 Citrix | 1 Cloudportal Services Manager | 2013-09-13 | 10.0 HIGH | N/A |
Unspecified vulnerability in Citrix CloudPortal Services Manager (aka Cortex) 10.0 before Cumulative Update 3 has unknown impact and attack vectors, a different vulnerability than other CVEs listed in CTX137162. | |||||
CVE-2013-2940 | 1 Citrix | 1 Cloudportal Services Manager | 2013-09-13 | 10.0 HIGH | N/A |
Unspecified vulnerability in Citrix CloudPortal Services Manager (aka Cortex) 10.0 before Cumulative Update 3 has unknown impact and attack vectors, a different vulnerability than other CVEs listed in CTX137162. | |||||
CVE-2013-2934 | 1 Citrix | 1 Cloudportal Services Manager | 2013-09-13 | 10.0 HIGH | N/A |
Citrix CloudPortal Services Manager (aka Cortex) 10.0 before Cumulative Update 3 does not properly restrict access to web services, which has unspecified impact and attack vectors, a different vulnerability than other CVEs listed in CTX137162. | |||||
CVE-2013-2936 | 1 Citrix | 1 Cloudportal Services Manager | 2013-09-13 | 10.0 HIGH | N/A |
Unspecified vulnerability in Citrix CloudPortal Services Manager (aka Cortex) 10.0 before Cumulative Update 3 has unknown impact and attack vectors, a different vulnerability than other CVEs listed in CTX137162. | |||||
CVE-2013-2767 | 1 Citrix | 2 Netscaler Access Gateway, Netscaler Access Gateway Firmware | 2013-05-01 | 5.4 MEDIUM | N/A |
Unspecified vulnerability in Citrix NetScaler Access Gateway Enterprise Edition (AGEE) before 9.3.62.4 and 10.x through 10.0.74.4, and NetScaler AGEE Common Criteria build before 9.3.53.6, allows remote attackers to bypass intended intranet access restrictions via unknown vectors. | |||||
CVE-2012-5616 | 2 Apache, Citrix | 2 Cloudstack, Cloudplatform | 2013-04-01 | 1.5 LOW | N/A |
Apache CloudStack 4.0.0-incubating and Citrix CloudPlatform (formerly Citrix CloudStack) before 3.0.6 stores sensitive information in the log4j.conf log file, which allows local users to obtain (1) the SSH private key as recorded by the createSSHKeyPair API, (2) the password of an added host as recorded by the AddHost API, or the password of an added VM as recorded by the (3) DeployVM or (4) ResetPasswordForVM API. | |||||
CVE-2012-3516 | 2 Citrix, Xen | 2 Xenserver, Xen | 2013-01-31 | 6.9 MEDIUM | N/A |
The GNTTABOP_swap_grant_ref sub-operation in the grant table hypercall in Xen 4.2 and Citrix XenServer 6.0.2 allows local guest kernels or administrators to cause a denial of service (host crash) and possibly gain privileges via a crafted grant reference that triggers a write to an arbitrary hypervisor memory location. | |||||
CVE-2012-4501 | 2 Apache, Citrix | 2 Cloudstack, Cloudstack | 2012-10-26 | 10.0 HIGH | N/A |
Citrix Cloud.com CloudStack, and Apache CloudStack pre-release, allows remote attackers to make arbitrary API calls by leveraging the system user account, as demonstrated by API calls to delete VMs. | |||||
CVE-2011-1898 | 1 Citrix | 1 Xen | 2011-10-25 | 7.4 HIGH | N/A |
Xen 4.1 before 4.1.1 and 4.0 before 4.0.2, when using PCI passthrough on Intel VT-d chipsets that do not have interrupt remapping, allows guest OS users to gain host OS privileges by "using DMA to generate MSI interrupts by writing to the interrupt injection registers." | |||||
CVE-2011-2882 | 1 Citrix | 1 Access Gateway | 2011-09-21 | 9.3 HIGH | N/A |
Stack-based buffer overflow in the NSEPA.NsepaCtrl.1 ActiveX control in nsepa.ocx in Citrix Access Gateway Enterprise Edition 8.1 before 8.1-67.7, 9.0 before 9.0-70.5, and 9.1 before 9.1-96.4 allows remote attackers to execute arbitrary code via crafted HTTP header data. | |||||
CVE-2010-4566 | 1 Citrix | 1 Access Gateway | 2011-09-21 | 9.3 HIGH | N/A |
The web authentication form in the NT4 authentication component in Citrix Access Gateway Enterprise Edition 9.2-49.8 and earlier, and the NTLM authentication component in Access Gateway Standard and Advanced Editions before Access Gateway 5.0, allows attackers to execute arbitrary commands via shell metacharacters in the password field. | |||||
CVE-2011-1583 | 1 Citrix | 1 Xen | 2011-08-23 | 6.9 MEDIUM | N/A |
Multiple integer overflows in tools/libxc/xc_dom_bzimageloader.c in Xen 3.2, 3.3, 4.0, and 4.1 allow local users to cause a denial of service and possibly execute arbitrary code via a crafted paravirtualised guest kernel image that triggers (1) a buffer overflow during a decompression loop or (2) an out-of-bounds read in the loader involving unspecified length fields. |