Vulnerabilities > Citrix > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2014-03-11 | CVE-2013-6939 | Denial of Service vulnerability in Citrix NetScaler Application Delivery Controller Unspecified vulnerability in Citrix NetScaler Application Delivery Controller (ADC) 9.3.x before 9.3-64.4, 10.0 before 10.0-77.5, and 10.1 before 10.1-118.7 allows attackers to cause a denial of service via unknown vectors, related to "RADIUS authentication." | 5.0 |
| 2014-03-11 | CVE-2013-6938 | Denial of Service vulnerability in Citrix NetScaler Unspecified vulnerability in the Service VM in Citrix NetScaler SDX 9.3 before 9.3-64.4 and 10.0 before 10.0-77.5 and Application Delivery Controller (ADC) 9.3.x before 9.3-64.4, 10.0 before 10.0-77.5, and 10.1 before 10.1-118.7 allows attackers to cause a denial of service via unknown vectors, related to the "Virtual Machine Daemon." | 5.0 |
| 2014-02-21 | CVE-2014-1910 | Cryptographic Issues vulnerability in Citrix Sharefile Mobile and Sharefile Mobile for Tablets Citrix ShareFile Mobile and ShareFile Mobile for Tablets before 2.4.4 for Android do not verify X.509 certificates from SSL servers, which allow man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 5.8 |
| 2014-02-06 | CVE-2014-1663 | Information Disclosure vulnerability in Citrix products Unspecified vulnerability in Citrix XenMobile Device Manager server (formerly Zenprise Device Manager server) 8.5, 8.6, and MDM 8.0.1 allows remote attackers to obtain sensitive information via unknown vectors. | 5.0 |
| 2014-01-26 | CVE-2014-1664 | Information Exposure vulnerability in Citrix Gotomeeting 5.0.799.1238 The Citrix GoToMeeting application 5.0.799.1238 for Android logs HTTP requests containing sensitive information, which allows attackers to obtain user IDs, meeting details, and authentication tokens via an application that reads the system log file. | 5.0 |
| 2013-11-05 | CVE-2013-6077 | Permissions, Privileges, and Access Controls vulnerability in Citrix Xendesktop 7.0 Citrix XenDesktop 7.0, when upgraded from XenDesktop 5.x, does not properly enforce policy rule permissions, which allows remote attackers to bypass intended restrictions. | 5.8 |
| 2013-04-25 | CVE-2013-2767 | Unauthorized Access vulnerability in Citrix products Unspecified vulnerability in Citrix NetScaler Access Gateway Enterprise Edition (AGEE) before 9.3.62.4 and 10.x through 10.0.74.4, and NetScaler AGEE Common Criteria build before 9.3.53.6, allows remote attackers to bypass intended intranet access restrictions via unknown vectors. | 5.4 |
| 2013-03-19 | CVE-2013-2263 | Permissions, Privileges, and Access Controls vulnerability in Citrix Access Gateway Unspecified vulnerability in Citrix Access Gateway Standard Edition 5.0.x before 5.0.4.223524 allows remote attackers to access network resources via unknown attack vectors. | 5.0 |
| 2012-12-26 | CVE-2012-6314 | Local Security Bypass vulnerability in Citrix Xendesktop 5.6 Citrix XenDesktop Virtual Desktop Agent (VDA) 5.6.x before 5.6.200, when making changes to the server-side policy that control USB redirection, does not propagate changes to the VDA, which allows authenticated users to retain access to the USB device. | 5.0 |
| 2012-11-23 | CVE-2012-3516 | Permissions, Privileges, and Access Controls vulnerability in multiple products The GNTTABOP_swap_grant_ref sub-operation in the grant table hypercall in Xen 4.2 and Citrix XenServer 6.0.2 allows local guest kernels or administrators to cause a denial of service (host crash) and possibly gain privileges via a crafted grant reference that triggers a write to an arbitrary hypervisor memory location. | 6.9 |