Every CVE whose affected-product data names Citrix Xenapp, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (9)
CVE-2016-6493 — CVSS 9.8 (critical): Citrix XenApp 6.x before 6.5 HRP07 and 7.x before 7.9 and Citrix XenDesktop before 7.9 might allow attackers to weaken an unspecified…
CVE-2012-5161 — CVSS 9.3 (critical): The XML Service interface in Citrix XenApp 6.5 and 6.5 Feature Pack 1 allows remote attackers to execute arbitrary code via unspecified…
CVE-2020-8283 — CVSS 8.8 (high): An authorised user on a Windows host running Citrix Universal Print Server can perform arbitrary command execution as SYSTEM in CVAD…
CVE-2020-8269 — CVSS 8.8 (high): An unprivileged Windows user on the VDA can perform arbitrary command execution as SYSTEM in CVAD versions before 2009, 1912 LTSR CU1…
CVE-2021-22928 — CVSS 7.8 (high): A vulnerability has been identified in Citrix Virtual Apps and Desktops that could, if exploited, allow a user of a Windows VDA that has…
CVE-2016-4810 — CVSS 7.5 (high): Citrix Studio before 7.6.1000, Citrix XenDesktop 7.x before 7.6 LTSR Cumulative Update 1 (CU1), and Citrix XenApp 7.5 and 7.6 allow…
CVE-2009-2453 — CVSS 7.5 (high): Citrix XenApp (formerly Presentation Server) 4.5 Hotfix Rollup Pack 3 does not apply an access policy when it is defined with the Access…
CVE-2008-4676 — CVSS 6.8 (medium): Unspecified vulnerability in Citrix XenApp (formerly Presentation Server) 4.5 Feature Pack 1 and earlier, Presentation Server 4.0, and…
CVE-2020-13998 — CVSS 5.3 (medium): Citrix XenApp 6.5, when 2FA is enabled, allows a remote unauthenticated attacker to ascertain whether a user exists on the server, because…