Citrix Provisioning Services — known CVE vulnerabilities
Every CVE whose affected-product data names Citrix Provisioning Services, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2016-9676 — CVSS 9.8 (critical): Buffer overflow in Citrix Provisioning Services before 7.12 allows attackers to execute arbitrary code via unspecified vectors.
CVE-2016-9678 — CVSS 9.8 (critical): Use-after-free vulnerability in Citrix Provisioning Services before 7.12 allows attackers to execute arbitrary code via unspecified vectors.
CVE-2016-9679 — CVSS 9.8 (critical): Citrix Provisioning Services before 7.12 allows attackers to execute arbitrary code by overwriting a function pointer.
CVE-2012-4068 — CVSS 7.5 (high): Heap-based buffer overflow in the SoapServer service in Citrix Provisioning Services 5.0, 5.1, 5.6, 5.6 SP1, 6.0, and 6.1 allows remote…
CVE-2016-9680 — CVSS 7.5 (high): Citrix Provisioning Services before 7.12 allows attackers to obtain sensitive information from kernel memory via unspecified vectors.
CVE-2016-9677 — CVSS 5.3 (medium): Citrix Provisioning Services before 7.12 allows attackers to obtain sensitive kernel address information via unspecified vectors.