Vulnerabilities > Citrix

DATE CVE VULNERABILITY TITLE RISK
2014-05-01 CVE-2014-2881 Security vulnerability in Citrix NetScaler
Unspecified vulnerability in the Diffie-Hellman key agreement implementation in the management GUI Java applet in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 9.3-66.5 and 10.x before 10.1-122.17 has unknown impact and vectors.
network | low complexity | citrix | critical | 10.0
2014-04-15 CVE-2014-2690 Permissions, Privileges, and Access Controls vulnerability in Citrix VDI-in-a-Box
Citrix VDI-in-a-Box 5.3.x before 5.3.6 and 5.4.x before 5.4.3 allows local users to obtain administrator credentials by reading the log.
local | low complexity | citrix | CWE-264 | 2.1
2014-03-11 CVE-2013-6944 Cross-Site Scripting vulnerability in Citrix NetScaler Application Delivery Controller Firmware
Cross-site scripting (XSS) vulnerability in the user interface in the AAA TM vServer in Citrix NetScaler Application Delivery Controller (ADC) 9.3.x before 9.3-64.4, 10.0 before 10.0-77.5, and 10.1 before 10.1-118.7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
network | citrix | CWE-79 | 4.3
2014-03-11 CVE-2013-6943 Code Injection vulnerability in Citrix NetScaler Application Delivery Controller Firmware
Citrix NetScaler Application Delivery Controller (ADC) 9.3.x before 9.3-64.4, 10.0 before 10.0-77.5, and 10.1 before 10.1-118.7 allows remote attackers to conduct an LDAP injection attack via vectors related to SSH and Web management usernames.
network | low complexity | citrix | CWE-94 | 5.0
2014-03-11 CVE-2013-6942 Cross-Site Request Forgery (CSRF) vulnerability in Citrix NetScaler Application Delivery Controller Firmware
Cross-site request forgery (CSRF) vulnerability in Citrix NetScaler Application Delivery Controller (ADC) 9.3.x before 9.3-64.4, 10.0 before 10.0-77.5, and 10.1 before 10.1-118.7 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
network | citrix | CWE-352 | 6.8
2014-03-11 CVE-2013-6941 Unspecified vulnerability in Citrix NetScaler Application Delivery Controller Firmware
Unspecified vulnerability in Citrix NetScaler Application Delivery Controller (ADC) 9.3.x before 9.3-64.4, 10.0 before 10.0-77.5, and 10.1 before 10.1-118.7 allows users to "breakout" of the shell via unknown vectors.
network | low complexity | citrix | critical | 10.0
2014-03-11 CVE-2013-6940 Credentials Management vulnerability in Citrix NetScaler Application Delivery Controller Firmware
Citrix NetScaler Application Delivery Controller (ADC) 9.3.x before 9.3-64.4, 10.0 before 10.0-77.5, and 10.1 before 10.1-118.7 logs user credentials, which allows attackers to obtain sensitive information via unspecified vectors.
network | low complexity | citrix | CWE-255 | 5.0
2014-03-11 CVE-2013-6939 Denial of Service vulnerability in Citrix NetScaler Application Delivery Controller
Unspecified vulnerability in Citrix NetScaler Application Delivery Controller (ADC) 9.3.x before 9.3-64.4, 10.0 before 10.0-77.5, and 10.1 before 10.1-118.7 allows attackers to cause a denial of service via unknown vectors, related to "RADIUS authentication."
network | low complexity | citrix | 5.0
2014-03-11 CVE-2013-6938 Denial of Service vulnerability in Citrix NetScaler
Unspecified vulnerability in the Service VM in Citrix NetScaler SDX 9.3 before 9.3-64.4 and 10.0 before 10.0-77.5 and Application Delivery Controller (ADC) 9.3.x before 9.3-64.4, 10.0 before 10.0-77.5, and 10.1 before 10.1-118.7 allows attackers to cause a denial of service via unknown vectors, related to the "Virtual Machine Daemon."
network | low complexity | citrix | 5.0
2014-02-21 CVE-2014-1910 Cryptographic Issues vulnerability in Citrix ShareFile Mobile and ShareFile Mobile for Tablets
Citrix ShareFile Mobile and ShareFile Mobile for Tablets before 2.4.4 for Android do not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
network | citrix | CWE-310 | 5.8