Citrix Security Vulnerabilities
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in a kernel mode layer handler, where memory permissions are not correctly checked, which may lead to denial of service and data...
7.1CVSS
6.5AI Score
0.0004EPSS
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where an unprivileged regular user can cause a null-pointer dereference, which may lead to denial of...
5.5CVSS
5.7AI Score
0.0004EPSS
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an integer overflow in index validation may lead to denial of service, information disclosure, or data...
7.8CVSS
7.6AI Score
0.0004EPSS
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where an unprivileged user can cause a null-pointer dereference, which may lead to denial of...
6.5CVSS
6.3AI Score
0.0004EPSS
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where an input index is not validated, which may lead to buffer overrun, which in turn may cause data tampering, information disclosure, or denial of...
7.8CVSS
7.6AI Score
0.0004EPSS
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where an unprivileged regular user can cause the use of an out-of-range pointer offset, which may lead to data tampering, data loss, information disclosure, or denial of...
7.8CVSS
7.3AI Score
0.0004EPSS
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an off-by-one error may lead to data tampering or information...
7.1CVSS
6.7AI Score
0.0004EPSS
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an out-of-bounds array access may lead to denial of service, data tampering, or information...
7.8CVSS
7.3AI Score
0.0004EPSS
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an integer overflow may lead to denial of...
5.5CVSS
6AI Score
0.0004EPSS
NVIDIA vGPU Display Driver for Linux guest contains a vulnerability in a D-Bus configuration file, where an unauthorized user in the guest VM can impact protected D-Bus endpoints, which may lead to code execution, denial of service, escalation of privileges, information disclosure, or data...
7.8CVSS
7.9AI Score
0.0004EPSS
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an Integer overflow may lead to denial of service or information...
7.1CVSS
6.9AI Score
0.0004EPSS
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an integer overflow may lead to denial of service, data tampering, or information...
7.3CVSS
7AI Score
0.0004EPSS
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an integer truncation can lead to an out-of-bounds read, which may lead to denial of...
5.5CVSS
5.8AI Score
0.0004EPSS
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an unprivileged regular user can cause an integer to be truncated, which may lead to denial of service or data...
7.1CVSS
6.7AI Score
0.0004EPSS
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an integer overflow may lead to information disclosure, data tampering or denial of...
7.3CVSS
7AI Score
0.0004EPSS
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where a local user with basic capabilities can cause a null-pointer dereference, which may lead to denial of...
6.5CVSS
5.8AI Score
0.0004EPSS
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where a helper function maps more physical pages than were requested, which may lead to undefined behavior or an information...
6.8CVSS
6.2AI Score
0.0004EPSS
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an unprivileged regular user can cause truncation errors when casting a primitive to a primitive of smaller size causes data to be lost in the conversion, which may lead to denial of service or...
7.8CVSS
7AI Score
0.0004EPSS
Citrix XenMobile Server 10.12 through RP11, 10.13 through RP7, and 10.14 through RP4 allows Command...
7.2CVSS
7.4AI Score
0.002EPSS
NVIDIA vGPU manager contains a vulnerability in the vGPU plugin, in which an input data length is not validated, which may lead to tampering of data or denial of service. This affects vGPU version 8.x (prior to 8.6) and version 11.0 (prior to...
7.1CVSS
7.2AI Score
0.0004EPSS
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), in which an input length is not validated, which may lead to information disclosure, tampering of data, or denial of service. vGPU version 12.x (prior to 12.2), version 11.x (prior to 11.4) and version 8.x...
7.8CVSS
7.1AI Score
0.0004EPSS
NVIDIA vGPU software contains a vulnerability in the guest kernel mode driver and Virtual GPU Manager (vGPU plugin), in which an input length is not validated, which may lead to information disclosure, tampering of data, or denial of service. This affects vGPU version 12.x (prior to 12.2) and...
7.8CVSS
7AI Score
0.0004EPSS
NVIDIA vGPU software contains a vulnerability in the guest kernel mode driver and Virtual GPU manager (vGPU plugin), in which an input length is not validated, which may lead to information disclosure, tampering of data, or denial of service. This affects vGPU version 12.x (prior to 12.2), version....
7.8CVSS
7AI Score
0.0004EPSS
NVIDIA vGPU software contains a vulnerability in the guest kernel mode driver and vGPU plugin, in which an input data size is not validated, which may lead to tampering of data or denial of service. This affects vGPU version 8.x (prior to 8.6) and version 11.0 (prior to...
7.1CVSS
7AI Score
0.0004EPSS
8CVSS
8.7AI Score
0.0004EPSS
8.3CVSS
7.2AI Score
0.001EPSS
A vulnerability has been discovered in the Citrix Secure Access client for Ubuntu which, if exploited, could allow an attacker to remotely execute code if a victim user opens an attacker-crafted link and accepts further...
9.6CVSS
8.6AI Score
0.002EPSS
A vulnerability has been discovered in the Citrix Secure Access client for Windows which, if exploited, could allow an attacker with access to an endpoint with Standard User Account that has the vulnerable client installed to escalate their local privileges to that of NT...
7.8CVSS
7.5AI Score
0.0004EPSS
6.3CVSS
4.6AI Score
0.0004EPSS
A vulnerability has been discovered in the customer-managed ShareFile storage zones controller which, if exploited, could allow an unauthenticated attacker to remotely compromise the customer-managed ShareFile storage zones...
Corruption of the system by a remote, unauthenticated user. The impact of this can include the reset of the administrator password at the next device reboot, allowing an attacker with ssh access to connect with the default administrator credentials after the device has...
8.1CVSS
8AI Score
0.003EPSS
A vulnerability has been identified in Citrix Workspace app for Linux that, if exploited, may result in a malicious local user being able to gain access to the Citrix Virtual Apps and Desktops session of another user who is using the same computer from which the ICA session is...
5.5CVSS
5.5AI Score
0.0004EPSS
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where a guest OS may be able to control resources for which it is not authorized, which may lead to information disclosure and data...
7.1CVSS
6.9AI Score
0.0004EPSS
An Improper Access Control vulnerability exists in Citrix Workspace App for Linux 2012 - 2111 with App Protection installed that can allow an attacker to perform local privilege...
7.8CVSS
7.4AI Score
0.0004EPSS
A vulnerability in the NETCONF process of Cisco SD-WAN vEdge Routers could allow an authenticated, local attacker to cause an affected device to run out of memory, resulting in a denial of service (DoS) condition. This vulnerability is due to insufficient memory management when an affected device.....
5.5CVSS
5.3AI Score
0.0004EPSS
NVIDIA Display Driver for Linux contains a vulnerability in the Virtual GPU Manager, where it does not check the return value from a null-pointer dereference, which may lead to denial of...
5.5CVSS
6AI Score
0.0004EPSS
NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer handler, where improper privilege management can lead to escalation of privileges and information...
7.8CVSS
7.5AI Score
0.0004EPSS
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where a malicious user in a guest VM can cause a NULL-pointer dereference, which may lead to denial of...
6.5CVSS
6.4AI Score
0.0004EPSS
A malicious user can cause log files to be written to a directory that they do not have permission to write...
5.5CVSS
5.9AI Score
0.0004EPSS
Vulnerabilities have been identified that, collectively, allow a standard Windows user to perform operations as SYSTEM on the computer running Citrix Workspace...
7.8CVSS
7.7AI Score
0.0004EPSS
A vulnerability has been identified that, if exploited, could result in a local user elevating their privilege level to NT AUTHORITY\SYSTEM on a Citrix Virtual Apps and Desktops Windows...
7.8CVSS
7.4AI Score
0.0004EPSS
Integer overflow in the VGA module in QEMU allows local guest OS users to cause a denial of service (out-of-bounds read and QEMU process crash) by editing VGA registers in VBE...
5.5CVSS
6.4AI Score
0.001EPSS
Quick emulator (QEMU) built with the Cirrus CLGD 54xx VGA emulator support is vulnerable to an out-of-bounds access issue. It could occur while copying VGA data via bitblt copy in backward mode. A privileged user inside a guest could use this flaw to crash the QEMU process resulting in DoS or...
9.1CVSS
7.7AI Score
0.001EPSS
6.5CVSS
6.4AI Score
0.001EPSS
7.5CVSS
7.4AI Score
0.001EPSS
An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0. They allow Directory...
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where an input index is not validated, which may lead to buffer overrun, which in turn may cause data tampering, information disclosure, or denial of...
7.8CVSS
7.5AI Score
0.0004EPSS
In certain Citrix products, information disclosure can be achieved by an authenticated VPN user when there is a configured SSL VPN endpoint. This affects Citrix ADC and Citrix Gateway 13.0-58.30 and later releases before the CTX276688...
6.5CVSS
6.5AI Score
0.001EPSS
In Citrix XenMobile Server through 10.12 RP9, there is an Authenticated Directory Traversal vulnerability, leading to remote code...
8.8CVSS
9AI Score
0.011EPSS
Citrix XenApp (formerly Presentation Server) 4.5 Hotfix Rollup Pack 3 does not apply an access policy when it is defined with the Access Gateway Advanced Edition filters, which allows attackers to bypass intended access restrictions via unknown...
6.7AI Score
0.006EPSS