Vulnerabilities > Citrix > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-07-16 | CVE-2019-12989 | SQL Injection vulnerability in Citrix Netscaler Sd-Wan and Sd-Wan Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 allow SQL Injection. | 7.5 |
| 2019-06-05 | CVE-2019-9548 | Unspecified vulnerability in Citrix Application Delivery Management 12.1 Citrix Application Delivery Management (ADM) 12.1.x before 12.1.50.33 has Incorrect Access Control. | 7.5 |
| 2019-05-22 | CVE-2019-11634 | Unspecified vulnerability in Citrix Receiver and Workspace Citrix Workspace App before 1904 for Windows has Incorrect Access Control. | 7.5 |
| 2018-12-08 | CVE-2018-19962 | Information Exposure vulnerability in multiple products An issue was discovered in Xen through 4.11.x on AMD x86 platforms, possibly allowing guest OS users to gain host OS privileges because small IOMMU mappings are unsafely combined into larger ones. | 7.8 |
| 2018-12-08 | CVE-2018-19961 | Incomplete Cleanup vulnerability in multiple products An issue was discovered in Xen through 4.11.x on AMD x86 platforms, possibly allowing guest OS users to gain host OS privileges because TLB flushes do not always occur after IOMMU mapping changes. | 7.8 |
| 2018-10-24 | CVE-2018-18014 | Improper Authentication vulnerability in Citrix Xenmobile Server * Lack of authentication in Citrix Xen Mobile through 10.8 allows low-privileged local users to execute system commands as root by making requests to private services listening on ports 8000, 30000 and 30001. | 7.8 |
| 2018-10-24 | CVE-2018-18013 | Deserialization of Untrusted Data vulnerability in Citrix Xenmobile Server * Xen Mobile through 10.8.0 includes a service listening on port 5001 within its firewall that accepts unauthenticated input. | 7.8 |
| 2018-10-23 | CVE-2018-17448 | Unspecified vulnerability in Citrix Netscaler Sd-Wan and Sd-Wan An Incorrect Access Control issue was discovered in Citrix SD-WAN 10.1.0 and NetScaler SD-WAN 9.3.x before 9.3.6 and 10.0.x before 10.0.4. | 7.5 |
| 2018-10-23 | CVE-2018-17446 | SQL Injection vulnerability in Citrix Netscaler Sd-Wan and Sd-Wan A SQL Injection issue was discovered in Citrix SD-WAN 10.1.0 and NetScaler SD-WAN 9.3.x before 9.3.6 and 10.0.x before 10.0.4. | 7.5 |
| 2018-10-23 | CVE-2018-17445 | Command Injection vulnerability in Citrix Netscaler Sd-Wan and Sd-Wan A Command Injection issue was discovered in Citrix SD-WAN 10.1.0 and NetScaler SD-WAN 9.3.x before 9.3.6 and 10.0.x before 10.0.4. | 7.5 |