Filtered by vendor Citrix
Subscribe
Total
393 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2016-9603 | 4 Citrix, Debian, Qemu and 1 more | 9 Xenserver, Debian Linux, Qemu and 6 more | 2024-11-21 | 9.0 HIGH | 5.5 MEDIUM |
A heap buffer overflow flaw was found in QEMU's Cirrus CLGD 54xx VGA emulator's VNC display driver support before 2.9; the issue could occur when a VNC client attempted to update its display after a VGA operation is performed by a guest. A privileged user/process inside a guest could use this flaw to crash the QEMU process or, potentially, execute arbitrary code on the host with privileges of the QEMU process. | |||||
CVE-2016-9386 | 2 Citrix, Xen | 2 Xenserver, Xen | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
The x86 emulator in Xen does not properly treat x86 NULL segments as unusable when accessing memory, which might allow local HVM guest users to gain privileges via vectors involving "unexpected" base/limit values. | |||||
CVE-2016-9385 | 2 Citrix, Xen | 2 Xenserver, Xen | 2024-11-21 | 4.9 MEDIUM | 6.0 MEDIUM |
The x86 segment base write emulation functionality in Xen 4.4.x through 4.7.x allows local x86 PV guest OS administrators to cause a denial of service (host crash) by leveraging lack of canonical address checks. | |||||
CVE-2016-9383 | 2 Citrix, Xen | 2 Xenserver, Xen | 2024-11-21 | 7.2 HIGH | 8.8 HIGH |
Xen, when running on a 64-bit hypervisor, allows local x86 guest OS users to modify arbitrary memory and consequently obtain sensitive information, cause a denial of service (host crash), or execute arbitrary code on the host by leveraging broken emulation of bit test instructions. | |||||
CVE-2016-9382 | 2 Citrix, Xen | 2 Xenserver, Xen | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
Xen 4.0.x through 4.7.x mishandle x86 task switches to VM86 mode, which allows local 32-bit x86 HVM guest OS users to gain privileges or cause a denial of service (guest OS crash) by leveraging a guest operating system that uses hardware task switching and allows a new task to start in VM86 mode. | |||||
CVE-2016-9381 | 2 Citrix, Qemu | 2 Xenserver, Qemu | 2024-11-21 | 6.9 MEDIUM | 7.5 HIGH |
Race condition in QEMU in Xen allows local x86 HVM guest OS administrators to gain privileges by changing certain data on shared rings, aka a "double fetch" vulnerability. | |||||
CVE-2016-9380 | 2 Citrix, Xen | 2 Xenserver, Xen | 2024-11-21 | 4.6 MEDIUM | 7.5 HIGH |
The pygrub boot loader emulator in Xen, when nul-delimited output format is requested, allows local pygrub-using guest OS administrators to read or delete arbitrary files on the host via NUL bytes in the bootloader configuration file. | |||||
CVE-2016-9379 | 2 Citrix, Xen | 2 Xenserver, Xen | 2024-11-21 | 4.6 MEDIUM | 7.9 HIGH |
The pygrub boot loader emulator in Xen, when S-expression output format is requested, allows local pygrub-using guest OS administrators to read or delete arbitrary files on the host via string quotes and S-expressions in the bootloader configuration file. | |||||
CVE-2016-9111 | 1 Citrix | 1 Receiver Desktop | 2024-11-21 | 4.6 MEDIUM | 6.8 MEDIUM |
Incorrect access control mechanisms in Citrix Receiver Desktop Lock 4.5 allow an attacker to bypass the authentication requirement by leveraging physical access to a VDI for temporary disconnection of a LAN cable. NOTE: as of 20161208, the vendor could not reproduce the issue, stating "the researcher was unable to provide us with information that would allow us to confirm the behaviour and, despite extensive investigation on test deployments of supported products, we were unable to reproduce the behaviour as he described. The researcher has also, despite additional requests for information, ceased to respond to us." | |||||
CVE-2016-9028 | 1 Citrix | 2 Netscaler Application Delivery Controller, Netscaler Application Delivery Controller Firmware | 2024-11-21 | 5.8 MEDIUM | 8.8 HIGH |
Unauthorized redirect vulnerability in Citrix NetScaler ADC before 10.1 135.8, 10.5 61.11, 11.0 65.31/65.35F and 11.1 47.14 allows a remote attacker to steal session cookies of a legitimate AAA user via manipulation of Host header. | |||||
CVE-2016-6877 | 1 Citrix | 1 Xenmobile Server | 2024-11-21 | 2.6 LOW | 5.3 MEDIUM |
** DISPUTED ** Citrix XenMobile Server before 10.5.0.24 allows man-in-the-middle attackers to trigger HTTP 302 redirections via vectors involving the HTTP Host header and a cached page. NOTE: the vendor reports "our internal analysis of this issue concluded that this was not a valid vulnerability" because an exploitation scenario would involve a man-in-the-middle attack against a TLS session. | |||||
CVE-2016-6493 | 1 Citrix | 2 Xenapp, Xendesktop | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
Citrix XenApp 6.x before 6.5 HRP07 and 7.x before 7.9 and Citrix XenDesktop before 7.9 might allow attackers to weaken an unspecified security mitigation via vectors related to memory permission. | |||||
CVE-2016-6276 | 1 Citrix | 1 Linux Virtual Delivery Agent | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
Citrix Linux Virtual Delivery Agent (aka VDA, formerly Linux Virtual Desktop) before 1.4.0 allows local users to gain root privileges via unspecified vectors. | |||||
CVE-2016-6273 | 1 Citrix | 2 License Server, License Server Vpx | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
The lmadmin component in Flexera FlexNet Publisher (aka Flex License Manager) before 2015 SP5 and 2016 before R1 SP1, as used by Citrix License Server for Windows before 11.14.0.1 and Citrix License Server VPX before 11.14.0.1, allows remote attackers to cause a denial of service (crash) via a type 2F packet with a '01 19' opcode. | |||||
CVE-2016-6259 | 2 Citrix, Xen | 2 Xenserver, Xen | 2024-11-21 | 4.9 MEDIUM | 6.2 MEDIUM |
Xen 4.5.x through 4.7.x do not implement Supervisor Mode Access Prevention (SMAP) whitelisting in 32-bit exception and event delivery, which allows local 32-bit PV guest OS kernels to cause a denial of service (hypervisor and VM crash) by triggering a safety check. | |||||
CVE-2016-6258 | 2 Citrix, Xen | 2 Xenserver, Xen | 2024-11-21 | 7.2 HIGH | 8.8 HIGH |
The PV pagetable code in arch/x86/mm.c in Xen 4.7.x and earlier allows local 32-bit PV guest OS administrators to gain host OS privileges by leveraging fast-paths for updating pagetable entries. | |||||
CVE-2016-5433 | 1 Citrix | 1 Ios Receiver | 2024-11-21 | 5.8 MEDIUM | 6.1 MEDIUM |
Citrix iOS Receiver before 7.0 allows attackers to cause TLS certificates to be incorrectly validated via unspecified vectors. | |||||
CVE-2016-5302 | 1 Citrix | 1 Xenserver | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
Citrix XenServer 7.0 before Hotfix XS70E003, when a deployment has been upgraded from an earlier release, might allow remote attackers on the management network to "compromise" a host by leveraging credentials for an Active Directory account. | |||||
CVE-2016-5109 | 1 Citrix | 2 Worx Home, Xenmobile Mdx Toolkit | 2024-11-21 | 2.1 LOW | 4.3 MEDIUM |
Citrix Worx Home for iOS before 10.3.6 and XenMobile MDX Toolkit for iOS before 10.3.6 might allow physically proximate attackers to bypass in-application Apple Touch ID authentication via unspecified vectors, related to an application requiring re-authentication. | |||||
CVE-2016-4945 | 1 Citrix | 2 Netscaler Gateway 11.0, Netscaler Gateway 11.0 Firmware | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
Cross-site scripting (XSS) vulnerability in vpn/js/gateway_login_form_view.js in Citrix NetScaler Gateway 11.0 before Build 66.11 allows remote attackers to inject arbitrary web script or HTML via the NSC_TMAC cookie. |