Vulnerabilities > Citrix > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-13 | CVE-2024-5661 | Unspecified vulnerability in Citrix Hypervisor and Xenserver An issue has been identified in both XenServer 8 and Citrix Hypervisor 8.2 CU1 LTSR which may allow a malicious administrator of a guest VM to cause the host to become slow and/or unresponsive. | 6.0 |
| 2023-07-19 | CVE-2023-3466 | Cross-site Scripting vulnerability in Citrix products Reflected Cross-Site Scripting (XSS) | 6.1 |
| 2023-07-10 | CVE-2023-24490 | Unspecified vulnerability in Citrix products Users with only access to launch VDA applications can launch an unauthorized desktop | 4.3 |
| 2023-07-10 | CVE-2023-24486 | Unspecified vulnerability in Citrix Workspace A vulnerability has been identified in Citrix Workspace app for Linux that, if exploited, may result in a malicious local user being able to gain access to the Citrix Virtual Apps and Desktops session of another user who is using the same computer from which the ICA session is launched. | 5.5 |
| 2023-07-10 | CVE-2023-24488 | Cross-site Scripting vulnerability in Citrix Application Delivery Controller and Gateway Cross site scripting vulnerability in Citrix ADC and Citrix Gateway? in allows and attacker to perform cross site scripting | 6.1 |
| 2023-02-16 | CVE-2023-24484 | Unspecified vulnerability in Citrix Workspace 1912/2105/2203.1 A malicious user can cause log files to be written to a directory that they do not have permission to write to. | 5.5 |
| 2023-01-26 | CVE-2022-27507 | Resource Exhaustion vulnerability in Citrix Application Delivery Controller and Gateway Authenticated denial of service | 6.5 |
| 2022-06-16 | CVE-2022-27512 | Use After Free vulnerability in Citrix Application Delivery Management Temporary disruption of the ADM license service. | 5.0 |
| 2022-05-26 | CVE-2022-21827 | Improper Privilege Management vulnerability in Citrix Gateway Plug-In 12.158/12.158.15/13.061.48 An improper privilege vulnerability has been discovered in Citrix Gateway Plug-in for Windows (Citrix Secure Access for Windows) <21.9.1.2 what could allow an attacker who has gained local access to a computer with Citrix Gateway Plug-in installed, to corrupt or delete files as SYSTEM. | 6.6 |
| 2022-04-13 | CVE-2022-27505 | Cross-site Scripting vulnerability in Citrix products Reflected cross site scripting (XSS) | 4.3 |