Vulnerabilities > Citrix > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-13 | CVE-2024-5661 | Unspecified vulnerability in Citrix Hypervisor and Xenserver An issue has been identified in both XenServer 8 and Citrix Hypervisor 8.2 CU1 LTSR which may allow a malicious administrator of a guest VM to cause the host to become slow and/or unresponsive. | 6.0 |
| 2023-07-19 | CVE-2023-3466 | Cross-site Scripting vulnerability in Citrix products Reflected Cross-Site Scripting (XSS) | 6.1 |
| 2023-07-10 | CVE-2023-24490 | Unspecified vulnerability in Citrix products Users with only access to launch VDA applications can launch an unauthorized desktop | 4.3 |
| 2023-07-10 | CVE-2023-24486 | Unspecified vulnerability in Citrix Workspace A vulnerability has been identified in Citrix Workspace app for Linux that, if exploited, may result in a malicious local user being able to gain access to the Citrix Virtual Apps and Desktops session of another user who is using the same computer from which the ICA session is launched. | 5.5 |
| 2023-07-10 | CVE-2023-24488 | Cross-site Scripting vulnerability in Citrix Application Delivery Controller and Gateway Cross site scripting vulnerability in Citrix ADC and Citrix Gateway? in allows and attacker to perform cross site scripting | 6.1 |
| 2023-02-16 | CVE-2023-24484 | Unspecified vulnerability in Citrix Workspace 1912/2105/2203.1 A malicious user can cause log files to be written to a directory that they do not have permission to write to. | 5.5 |
| 2023-01-26 | CVE-2022-27507 | Resource Exhaustion vulnerability in Citrix Application Delivery Controller and Gateway Authenticated denial of service | 6.5 |
| 2022-12-26 | CVE-2019-18177 | Unspecified vulnerability in Citrix Application Delivery Controller Firmware and Gateway In certain Citrix products, information disclosure can be achieved by an authenticated VPN user when there is a configured SSL VPN endpoint. | 6.5 |
| 2022-07-28 | CVE-2022-27509 | Open Redirect vulnerability in Citrix Application Delivery Controller Firmware and Gateway Unauthenticated redirection to a malicious website | 6.1 |
| 2022-06-16 | CVE-2022-27512 | Use After Free vulnerability in Citrix Application Delivery Management Temporary disruption of the ADM license service. | 5.3 |