Vulnerabilities > Citrix > High

DATE CVE VULNERABILITY TITLE RISK
2017-08-24 CVE-2017-12134 Incorrect Calculation vulnerability in multiple products
The xen_biovec_phys_mergeable function in drivers/xen/biomerge.c in Xen might allow local OS guest users to corrupt block device data streams and consequently obtain sensitive memory information, cause a denial of service, or gain host OS privileges by leveraging incorrect block IO merge-ability calculation.
local
low complexity
xen citrix CWE-682
8.8
2017-08-07 CVE-2015-7704 Improper Input Validation vulnerability in multiple products
The ntpd client in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service via a number of crafted "KOD" messages.
network
low complexity
ntp debian netapp redhat mcafee citrix CWE-20
7.5
2017-06-16 CVE-2017-9231 XXE vulnerability in Citrix Xenmobile Server
XML external entity (XXE) vulnerability in Citrix XenMobile Server 9.x and 10.x before 10.5 RP3 allows attackers to obtain sensitive information via unspecified vectors.
network
low complexity
citrix CWE-611
7.5
2017-04-13 CVE-2017-7219 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Citrix Netscaler Gateway Firmware
A heap overflow vulnerability in Citrix NetScaler Gateway versions 10.1 before 135.8/135.12, 10.5 before 65.11, 11.0 before 70.12, and 11.1 before 52.13 allows a remote authenticated attacker to run arbitrary commands via unspecified vectors.
network
low complexity
citrix CWE-119
8.8
2017-02-17 CVE-2016-9637 Permissions, Privileges, and Access Controls vulnerability in Citrix Xenserver
The (1) ioport_read and (2) ioport_write functions in Xen, when qemu is used as a device model within Xen, might allow local x86 HVM guest OS administrators to gain qemu process privileges via vectors involving an out-of-range ioport access.
local
high complexity
citrix CWE-264
7.5
2017-01-23 CVE-2016-9386 Permissions, Privileges, and Access Controls vulnerability in multiple products
The x86 emulator in Xen does not properly treat x86 NULL segments as unusable when accessing memory, which might allow local HVM guest users to gain privileges via vectors involving "unexpected" base/limit values.
local
low complexity
citrix xen CWE-264
7.8
2017-01-23 CVE-2016-9383 Improper Input Validation vulnerability in multiple products
Xen, when running on a 64-bit hypervisor, allows local x86 guest OS users to modify arbitrary memory and consequently obtain sensitive information, cause a denial of service (host crash), or execute arbitrary code on the host by leveraging broken emulation of bit test instructions.
local
low complexity
xen citrix CWE-20
8.8
2017-01-23 CVE-2016-9382 Permissions, Privileges, and Access Controls vulnerability in multiple products
Xen 4.0.x through 4.7.x mishandle x86 task switches to VM86 mode, which allows local 32-bit x86 HVM guest OS users to gain privileges or cause a denial of service (guest OS crash) by leveraging a guest operating system that uses hardware task switching and allows a new task to start in VM86 mode.
local
low complexity
xen citrix CWE-264
7.8
2017-01-23 CVE-2016-9381 Race Condition vulnerability in multiple products
Race condition in QEMU in Xen allows local x86 HVM guest OS administrators to gain privileges by changing certain data on shared rings, aka a "double fetch" vulnerability.
local
high complexity
qemu citrix CWE-362
7.5
2017-01-23 CVE-2016-9380 Improper Input Validation vulnerability in multiple products
The pygrub boot loader emulator in Xen, when nul-delimited output format is requested, allows local pygrub-using guest OS administrators to read or delete arbitrary files on the host via NUL bytes in the bootloader configuration file.
local
high complexity
xen citrix CWE-20
7.5