Vulnerabilities > Citrix > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-19 | CVE-2023-3519 | Code Injection vulnerability in Citrix products Unauthenticated remote code execution | 9.8 |
| 2023-07-10 | CVE-2023-24489 | Unspecified vulnerability in Citrix Sharefile Storage Zones Controller A vulnerability has been discovered in the customer-managed ShareFile storage zones controller which, if exploited, could allow an unauthenticated attacker to remotely compromise the customer-managed ShareFile storage zones controller. | 9.8 |
| 2022-12-13 | CVE-2022-27518 | Unspecified vulnerability in Citrix products Unauthenticated remote arbitrary code execution | 9.8 |
| 2022-11-08 | CVE-2022-27510 | Improper Authentication vulnerability in Citrix Application Delivery Controller Firmware and Gateway Unauthorized access to Gateway user capabilities | 9.8 |
| 2022-11-08 | CVE-2022-27513 | Insufficient Verification of Data Authenticity vulnerability in Citrix Application Delivery Controller Firmware and Gateway Remote desktop takeover via phishing | 9.6 |
| 2022-11-08 | CVE-2022-27516 | Improper Restriction of Excessive Authentication Attempts vulnerability in Citrix Application Delivery Controller Firmware and Gateway User login brute force protection functionality bypass | 9.8 |
| 2022-04-13 | CVE-2021-44520 | Command Injection vulnerability in Citrix Xenmobile Server 10.13.0/10.14.0 In Citrix XenMobile Server through 10.12 RP9, there is an Authenticated Command Injection vulnerability, leading to remote code execution with root privileges. | 9.0 |
| 2021-09-23 | CVE-2021-22941 | Unspecified vulnerability in Citrix Sharefile Storagezones Controller Improper Access Control in Citrix ShareFile storage zones controller before 5.11.20 may allow an unauthenticated attacker to remotely compromise the storage zones controller. | 10.0 |
| 2020-12-14 | CVE-2020-8283 | Improper Privilege Management vulnerability in Citrix Virtual Apps and Desktops, Xenapp and Xendesktop An authorised user on a Windows host running Citrix Universal Print Server can perform arbitrary command execution as SYSTEM in CVAD versions before 2009, 1912 LTSR CU1 hotfixes CTX285870 and CTX286120, 7.15 LTSR CU6 hotfix CTX285344 and 7.6 LTSR CU9. | 9.0 |
| 2020-11-16 | CVE-2020-8273 | OS Command Injection vulnerability in Citrix Sd-Wan Privilege escalation of an authenticated user to root in Citrix SD-WAN center versions before 11.2.2, 11.1.2b and 10.2.8. | 9.0 |