Vulnerabilities > Citrix
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-12-13 | CVE-2022-27518 | Unspecified vulnerability in Citrix products Unauthenticated remote arbitrary code execution | 9.8 |
2022-11-08 | CVE-2022-27510 | Improper Authentication vulnerability in Citrix Application Delivery Controller Firmware and Gateway Unauthorized access to Gateway user capabilities | 9.8 |
2022-11-08 | CVE-2022-27513 | Insufficient Verification of Data Authenticity vulnerability in Citrix Application Delivery Controller Firmware and Gateway Remote desktop takeover via phishing | 9.6 |
2022-11-08 | CVE-2022-27516 | Improper Restriction of Excessive Authentication Attempts vulnerability in Citrix Application Delivery Controller Firmware and Gateway User login brute force protection functionality bypass | 9.8 |
2022-06-16 | CVE-2022-27511 | Unspecified vulnerability in Citrix Application Delivery Management Corruption of the system by a remote, unauthenticated user. | 8.1 |
2022-06-16 | CVE-2022-27512 | Use After Free vulnerability in Citrix Application Delivery Management Temporary disruption of the ADM license service. | 5.0 |
2022-05-26 | CVE-2022-21827 | Improper Privilege Management vulnerability in Citrix Gateway Plug-In 12.158/12.158.15/13.061.48 An improper privilege vulnerability has been discovered in Citrix Gateway Plug-in for Windows (Citrix Secure Access for Windows) <21.9.1.2 what could allow an attacker who has gained local access to a computer with Citrix Gateway Plug-in installed, to corrupt or delete files as SYSTEM. | 6.6 |
2022-04-19 | CVE-2021-44519 | Path Traversal vulnerability in Citrix Xenmobile Server 10.13.0/10.14.0 In Citrix XenMobile Server through 10.12 RP9, there is an Authenticated Directory Traversal vulnerability, leading to remote code execution. | 8.8 |
2022-04-13 | CVE-2022-27503 | Cross-site Scripting vulnerability in Citrix Storefront Server Cross-site Scripting (XSS) vulnerability in Citrix StoreFront affects version 1912 before CU5 and version 3.12 before CU9 | 2.6 |
2022-04-13 | CVE-2022-27505 | Cross-site Scripting vulnerability in Citrix products Reflected cross site scripting (XSS) | 4.3 |