Vulnerabilities > Citrix
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-11 | CVE-2024-7889 | Unspecified vulnerability in Citrix Workspace Local privilege escalation allows a low-privileged user to gain SYSTEM privileges in Citrix Workspace app for Windows | 7.3 |
| 2024-09-11 | CVE-2024-7890 | Unspecified vulnerability in Citrix Workspace Local privilege escalation allows a low-privileged user to gain SYSTEM privileges in Citrix Workspace app for Windows | 7.3 |
| 2024-09-10 | CVE-2024-42423 | Incorrect Authorization vulnerability in Citrix Workspace 23.9.0.24.4 Citrix Workspace App version 23.9.0.24.4 on Dell ThinOS 2311 contains an Incorrect Authorization vulnerability when Citrix CEB is enabled for WebLogin. | 7.1 |
| 2024-07-10 | CVE-2024-6148 | Unspecified vulnerability in Citrix Workspace Bypass of GACS Policy Configuration settings in Citrix Workspace app for HTML5 | 8.8 |
| 2024-06-13 | CVE-2024-5661 | Unspecified vulnerability in Citrix Hypervisor and Xenserver An issue has been identified in both XenServer 8 and Citrix Hypervisor 8.2 CU1 LTSR which may allow a malicious administrator of a guest VM to cause the host to become slow and/or unresponsive. | 6.0 |
| 2024-01-18 | CVE-2023-6184 | Cross-site Scripting vulnerability in Citrix Virtual Apps and Desktops Cross SiteScripting vulnerability in Citrix Session Recording allows attacker to perform Cross Site Scripting | 7.2 |
| 2024-01-17 | CVE-2023-6549 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Citrix products Improper Restriction of Operations within the Bounds of a Memory Buffer in NetScaler ADC and NetScaler Gateway allows Unauthenticated Denial of Service and Out-Of-Bounds Memory Read | 7.5 |
| 2024-01-17 | CVE-2023-6548 | Code Injection vulnerability in Citrix products Improper Control of Generation of Code ('Code Injection') in NetScaler ADC and NetScaler Gateway allows an attacker with access to NSIP, CLIP or SNIP with management interface to perform Authenticated (low privileged) remote code execution on Management Interface. | 8.8 |
| 2023-10-27 | CVE-2023-4967 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Citrix products Denial of Service in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA Virtual Server | 7.5 |
| 2023-10-10 | CVE-2023-4966 | Unspecified vulnerability in Citrix products Sensitive information disclosure in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA ?virtual?server. | 7.5 |