Vulnerabilities > Citrix > Medium

DATE CVE VULNERABILITY TITLE RISK
2019-02-22 CVE-2019-6485 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Citrix products
Citrix NetScaler Gateway 12.1 before build 50.31, 12.0 before build 60.9, 11.1 before build 60.14, 11.0 before build 72.17, and 10.5 before build 69.5 and Application Delivery Controller (ADC) 12.1 before build 50.31, 12.0 before build 60.9, 11.1 before build 60.14, 11.0 before build 72.17, and 10.5 before build 69.5 allow remote attackers to obtain sensitive plaintext information because of a TLS Padding Oracle Vulnerability when CBC-based cipher suites are enabled.
network
citrix CWE-327
4.3
2018-12-08 CVE-2018-19965
An issue was discovered in Xen through 4.11.x allowing 64-bit PV guest OS users to cause a denial of service (host OS crash) because #GP[0] can occur after a non-canonical address is passed to the TLB flushing code.
local
high complexity
xen citrix debian
5.6
2018-10-23 CVE-2018-17447 Information Exposure Through Log Files vulnerability in Citrix NetScaler SD-WAN and SD-WAN
An Information Exposure Through Log Files issue was discovered in Citrix SD-WAN 10.1.0 and NetScaler SD-WAN 9.3.x before 9.3.6 and 10.0.x before 10.0.4.
network
low complexity
citrix CWE-532
5.0
2018-10-23 CVE-2018-17444 Path Traversal vulnerability in Citrix NetScaler SD-WAN and SD-WAN
A Directory Traversal issue was discovered in Citrix SD-WAN 10.1.0 and NetScaler SD-WAN 9.3.x before 9.3.6 and 10.0.x before 10.0.4.
network
low complexity
citrix CWE-22
5.0
2018-09-26 CVE-2018-16969 Information Exposure vulnerability in Citrix ShareFile StorageZones Controller
Citrix ShareFile StorageZones Controller before 5.4.2 has Information Exposure Through an Error Message.
network
low complexity
citrix CWE-200
4.0
2018-06-21 CVE-2018-3665 Information Exposure vulnerability in multiple products
System software utilizing Lazy FP state restore technique on systems using Intel Core-based microprocessors may potentially allow a local process to infer data from another process through a speculative execution side channel.
4.7
2018-05-23 CVE-2018-10654 Deserialization of Untrusted Data vulnerability in Citrix XenMobile Server 10.7/10.8
There is a Hazelcast Library Java Deserialization Vulnerability in Citrix XenMobile Server 10.8 before RP2 and 10.7 before RP3.
network
citrix CWE-502
6.8
2018-05-23 CVE-2018-10652 Information Exposure vulnerability in Citrix XenMobile Server 10.7
There is a Sensitive Data Leakage issue in Citrix XenMobile Server 10.7 before RP3.
network
low complexity
citrix CWE-200
5.0
2018-05-23 CVE-2018-10651 Open Redirect vulnerability in Citrix XenMobile Server 10.7/10.8
There are Open Redirect Vulnerabilities in Citrix XenMobile Server 10.8 before RP2 and 10.7 before RP3.
network
citrix CWE-601
5.8
2018-05-23 CVE-2018-10650 Untrusted Search Path vulnerability in Citrix XenMobile Server 10.7/10.8
There is an Insufficient Path Validation Vulnerability in Citrix XenMobile Server 10.8 before RP2 and 10.7 before RP3.
network
citrix CWE-426
6.8