cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2008-3485,https://securityvulnerability.io/vulnerability/CVE-2008-3485,,Untrusted search path vulnerability in Citrix MetaFrame Presentation Server allows local users to gain privileges via a malicious icabar.exe placed in the search path.,Citrix,"Metaframe Presentation Server,Xp",,,0.0004199999966658652,false,false,false,false,,false,false,2008-08-06T17:05:00.000Z,0
CVE-2008-2300,https://securityvulnerability.io/vulnerability/CVE-2008-2300,,"Unspecified vulnerability in Citrix Presentation Server 4.5 and earlier, Citrix Access Essentials 2.0 and earlier, and Citrix Desktop Server 1.0 allows remote authenticated users to access unauthorized desktops via unknown attack vectors.",Citrix,"Metaframe Presentation Server,Access Essentials,Desktop Server,Citrix Presentation Server",,,0.00482999999076128,false,false,false,false,,false,false,2008-05-18T14:00:00.000Z,0
CVE-2008-0356,https://securityvulnerability.io/vulnerability/CVE-2008-0356,,"Buffer overflow in the Independent Management Architecture (IMA) service in Citrix Presentation Server (MetaFrame Presentation Server) 4.5 and earlier, Access Essentials 2.0 and earlier, and Desktop Server 1.0 allows remote attackers to execute arbitrary code via an invalid size value in a packet to TCP port 2512 or 2513.",Citrix,"Metaframe Presentation Server,Presentation Server,Desktop Server,Access Essentials",,,0.8069300055503845,false,false,false,false,,false,false,2008-01-18T21:00:00.000Z,0
CVE-2007-3625,https://securityvulnerability.io/vulnerability/CVE-2007-3625,,The Program Neighborhood Agent in Citrix Presentation Server Clients for 32-bit Windows before 10.100 allows remote attackers to cause a denial of service (agent exit) via a certain request that uses content redirection and a long pathname.,Citrix,Metaframe Presentation Server,,,0.027140000835061073,false,false,false,false,,false,false,2007-07-09T16:00:00.000Z,0
CVE-2007-2850,https://securityvulnerability.io/vulnerability/CVE-2007-2850,,"The Session Reliability Service (XTE) in Citrix MetaFrame Presentation Server 3.0, Presentation Server 4.0, and Access Essentials 1.0 and 1.5, allows remote attackers to bypass network security policies and connect to arbitrary TCP ports via a modified address:port string.",Citrix,"Access Essentials,Metaframe",,,0.2504599988460541,false,false,false,false,,false,false,2007-05-24T18:00:00.000Z,0
CVE-2007-0444,https://securityvulnerability.io/vulnerability/CVE-2007-0444,,"Stack-based buffer overflow in the print provider library (cpprov.dll) in Citrix Presentation Server 4.0, MetaFrame Presentation Server 3.0, and MetaFrame XP 1.0 allows local users and remote attackers to execute arbitrary code via long arguments to the (1) EnumPrintersW and (2) OpenPrinter functions.",Citrix,"Metaframe Presentation Server,Metaframe",,,0.010099999606609344,false,false,false,false,,false,false,2007-01-24T22:00:00.000Z,0
CVE-2006-5821,https://securityvulnerability.io/vulnerability/CVE-2006-5821,,"Heap-based buffer overflow in the IMA_SECURE_DecryptData1 function in ImaSystem.dll for Citrix MetaFrame XP 1.0 and 2.0, and Presentation Server 3.0 and 4.0, allows remote attackers to execute arbitrary code via requests to the Independent Management Architecture (IMA) service (ImaSrv.exe) with invalid size values that trigger the overflow during decryption.",Citrix,"Metaframe Presentation Server,Metaframe",,,0.5263800024986267,false,false,false,false,,false,false,2006-11-10T23:00:00.000Z,0
CVE-2006-5861,https://securityvulnerability.io/vulnerability/CVE-2006-5861,,"The Independent Management Architecture (IMA) service (ImaSrv.exe) in Citrix MetaFrame XP 1.0 and 2.0, and Presentation Server 3.0 and 4.0, allows remote attackers to cause a denial of service (service exit) via a crafted packet that causes the service to access an unmapped memory address and triggers an unhandled exception.",Citrix,"Metaframe Presentation Server,Metaframe",,,0.3351399898529053,false,false,false,false,,false,false,2006-11-10T23:00:00.000Z,0
CVE-2006-3779,https://securityvulnerability.io/vulnerability/CVE-2006-3779,,"Citrix MetaFrame up to XP 1.0 Feature 1, except when running on Windows Server 2003, installs a registry key with an insecure ACL, which allows remote authenticated users to gain privileges.",Citrix,"Metaframe,Presentation Server,Metaframe Presentation Server",,,0.0056500001810491085,false,false,false,false,,false,false,2006-07-24T12:19:00.000Z,0
CVE-2005-3971,https://securityvulnerability.io/vulnerability/CVE-2005-3971,,Cross-site scripting (XSS) vulnerability in the login form in Citrix MetaFrame Secure Access Manager 2.0 through 2.2 and NFuse Elite 1.0 allows remote attackers to inject arbitrary web script or HTML via the username field.,Citrix,"Metaframe Secure Access Manager,Nfuse",,,0.0027199999894946814,false,false,false,false,,false,false,2005-12-03T19:00:00.000Z,0
CVE-2005-3134,https://securityvulnerability.io/vulnerability/CVE-2005-3134,,Citrix Metaframe Presentation Server 3.0 and 4.0 allows remote attackers to bypass policy restrictions by downloading the launch.ica file and changing the client device name (ClientName).,Citrix,Metaframe,,,0.0036899999249726534,false,false,false,false,,false,false,2005-10-04T04:00:00.000Z,0
CVE-2005-0822,https://securityvulnerability.io/vulnerability/CVE-2005-0822,,"Citrix Metaframe Password Manager 2.5 and earlier stores a password in cleartext although it is obfuscated when presented to a user, which allows users to view their secondary passwords even if it is not allowed by policy.",Citrix,Metaframe Password Manager,,,0.0005099999834783375,false,false,false,false,,false,false,2005-05-02T04:00:00.000Z,0
CVE-2004-1902,https://securityvulnerability.io/vulnerability/CVE-2004-1902,,"The Citrix MetaFrame Password Manager 2.0, when a central credential store is not configured, does not encrypt passwords entered immediately after executing the First Time User Wizards, which allows local users to gain sensitive information.",Citrix,Metaframe Password Manager,,,0.0004199999966658652,false,false,false,false,,false,false,2004-12-31T05:00:00.000Z,0
CVE-2004-1077,https://securityvulnerability.io/vulnerability/CVE-2004-1077,,Citrix Program Neighborhood Agent for Win32 8.00.24737 and earlier and MetaFrame Presentation Server client for WinCE before 8.33 allows remote servers to create arbitrary shortcuts on the client via a full UNC path in the AppInStartmenu directive.,Citrix,"Metaframe Client,Program Neighborhood Agent",,,0.008489999920129776,false,false,false,false,,false,false,2004-04-26T04:00:00.000Z,0
CVE-2004-1078,https://securityvulnerability.io/vulnerability/CVE-2004-1078,,Stack-based buffer overflow in the client for Citrix Program Neighborhood Agent for Win32 8.00.24737 and earlier and Citrix MetaFrame Presentation Server client for WinCE before 8.33 allows remote attackers to execute arbitrary code via a long cached icon filename in the InName XML element.,Citrix,"Metaframe Client,Program Neighborhood Agent",,,0.07049000263214111,false,false,false,false,,false,false,2004-04-26T04:00:00.000Z,0
CVE-2003-1157,https://securityvulnerability.io/vulnerability/CVE-2003-1157,,Cross-site scripting (XSS) vulnerability in login.asp in Citrix MetaFrame XP Server 1.0 allows remote attackers to inject arbitrary web script or HTML via the NFuse_Message parameter.,Citrix,Metaframe,,,0.006639999803155661,false,false,false,false,,false,false,2003-12-31T05:00:00.000Z,0
CVE-2002-2426,https://securityvulnerability.io/vulnerability/CVE-2002-2426,,"Cross-site request forgery (CSRF) vulnerability in Citrix Presentation Server 4.0 and 4.5, MetaFrame Presentation Server 3.0, and Access Essentials 1.0 through 2.0 allows remote attackers to execute arbitrary published applications, and possibly other programs, as authenticated users via the InitialProgram key in an ICA connection. NOTE: some of these details are obtained from third party information.",Citrix,"Access Essentials,Metaframe Presentation Server,Presentation Server",,,0.02118000015616417,false,false,false,false,,false,false,2002-12-31T05:00:00.000Z,0
CVE-2001-0716,https://securityvulnerability.io/vulnerability/CVE-2001-0716,,"Citrix MetaFrame 1.8 Server with Service Pack 3, and XP Server Service Pack 1 and earlier, allows remote attackers to cause a denial of service (crash) via a large number of incomplete connections to the server.",Citrix,Metaframe,,,0.008030000142753124,false,false,false,false,,false,false,2001-12-06T05:00:00.000Z,0
CVE-2001-0908,https://securityvulnerability.io/vulnerability/CVE-2001-0908,,"CITRIX Metaframe 1.8 logs the Client Address (IP address) that is provided by the client instead of obtaining it from the packet headers, which allows clients to spoof their public IP address, e.g. through Network Address Translation (NAT).",Citrix,Metaframe,,,0.0154600003734231,false,false,false,false,,false,false,2001-11-21T05:00:00.000Z,0
CVE-2000-0244,https://securityvulnerability.io/vulnerability/CVE-2000-0244,,The Citrix ICA (Independent Computing Architecture) protocol uses weak encryption (XOR) for user authentication.,Citrix,"Metaframe,Winframe",,,0.003949999809265137,false,false,false,false,,false,false,2000-03-29T05:00:00.000Z,0