cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2012-4603,https://securityvulnerability.io/vulnerability/CVE-2012-4603,,"Citrix XenApp Online Plug-in for Windows 12.1 and earlier, and Citrix Receiver for Windows 3.2 and earlier could allow remote attackers to execute arbitrary code by convincing a target to open a specially crafted file from an SMB or WebDAV fileserver.",Citrix,"Receiver,Xenapp Online",7.8,HIGH,0.043949998915195465,false,false,false,false,,false,false,2020-01-10T20:22:58.000Z,0
CVE-2019-11634,https://securityvulnerability.io/vulnerability/CVE-2019-11634,,Citrix Workspace App before 1904 for Windows has Incorrect Access Control.,Citrix,"Receiver,Workspace",9.8,CRITICAL,0.02353000082075596,true,false,true,true,,false,false,2019-05-22T16:46:42.000Z,0
CVE-2016-9111,https://securityvulnerability.io/vulnerability/CVE-2016-9111,,"Incorrect access control mechanisms in Citrix Receiver Desktop Lock 4.5 allow an attacker to bypass the authentication requirement by leveraging physical access to a VDI for temporary disconnection of a LAN cable. NOTE: as of 20161208, the vendor could not reproduce the issue, stating ""the researcher was unable to provide us with information that would allow us to confirm the behaviour and, despite extensive investigation on test deployments of supported products, we were unable to reproduce the behaviour as he described. The researcher has also, despite additional requests for information, ceased to respond to us.""",Citrix,Receiver Desktop,6.8,MEDIUM,0.011099999770522118,false,false,false,false,,false,false,2016-11-07T11:00:00.000Z,0
CVE-2016-5433,https://securityvulnerability.io/vulnerability/CVE-2016-5433,,Citrix iOS Receiver before 7.0 allows attackers to cause TLS certificates to be incorrectly validated via unspecified vectors.,Citrix,Ios Receiver,6.1,MEDIUM,0.0006099999882280827,false,false,false,false,,false,false,2016-06-17T15:00:00.000Z,0
CVE-2010-2990,https://securityvulnerability.io/vulnerability/CVE-2010-2990,,"Citrix Online Plug-in for Windows for XenApp & XenDesktop before 11.2, Citrix Online Plug-in for Mac for XenApp & XenDesktop before 11.0, Citrix ICA Client for Linux before 11.100, Citrix ICA Client for Solaris before 8.63, and Citrix Receiver for Windows Mobile before 11.5 allow remote attackers to execute arbitrary code via (1) a crafted HTML document, (2) a crafted .ICA file, or (3) a crafted type field in an ICA graphics packet, related to a ""heap offset overflow"" issue.",Citrix,"Online Plug-in For Windows For Xenapp \& Xendesktop,Ica Client For Solaris,Receiver For Windows Mobile,Online Plug-in For Mac For Xenapp \& Xendesktop,Ica Client For Linux",,,0.027650000527501106,false,false,false,false,,false,false,2010-08-11T19:00:00.000Z,0
CVE-2009-3936,https://securityvulnerability.io/vulnerability/CVE-2009-3936,,"Unspecified vulnerability in Citrix Online Plug-in for Windows 11.0.x before 11.0.150 and 11.x before 11.2, Online Plug-in for Mac before 11.0, Receiver for iPhone before 1.0.3, and ICA Java, Mac, UNIX, and Windows Clients for XenApp and XenDesktop allows remote attackers to impersonate the SSL/TLS server and bypass authentication via a crafted certificate, a different vulnerability than CVE-2009-3555.",Citrix,"Online Plug-in For Mac,Online Plug-in For Windows,Receiver For Iphone",,,0.0036700000055134296,false,false,false,false,,false,false,2009-11-13T16:00:00.000Z,0