Exchange 0-day-Exploit 2022
CVE-2022-41040, CVE-2022-41082 Security Bulletin | High | Microsoft is investigating two reported zero-day vulnerabilities affecting Microsoft Exchange Server 2013, 2016, and 2019. The first vulnerability, identified as CVE-2022-41040, is a...
Citrix ADC and Citrix Gateway Security Bulletin for CVE-2022-27509
Description of Problem Security Bulletin | Medium | A vulnerability has been discovered in Citrix ADC and Citrix Gateway which enables an attacker to create a specially crafted URL that redirects to a malicious website. This vulnerability has the following...
Critical Citrix ADM (MAS) Security Bulletin for CVE-2022-27511 and CVE-2022-27512
Description of Problem Vulnerabilities have been discovered in Citrix Application Delivery Management (Citrix ADM) that, if exploited, could result in the following security issues: Corruption of the system by a remote, unauthenticated user. The impact of this...
Citrix ADC and Citrix Gateway Security Bulletin for CVE-2022-27507 and CVE-2022-27508
Description of Problem Vulnerabilities have been discovered in Citrix ADC and Citrix Gateway that, if exploited, could result in a denial of service. These vulnerabilities have the following identifiers: ...
Citrix Gateway Plug-in for Windows Security Bulletin for CVE-2022-21827
Description of Problem A vulnerability has been discovered in Citrix Gateway Plug-in for Windows (Citrix Secure Access for Windows). If exploited, this issue would allow an adversary, who has gained local access to a computer with Citrix Gateway Plug-in installed, to...
Citrix Gateway – Users stuck at spinning circle after credentials – Chrome or chromium update to Version 100.0.4896.60
Nach Update des Chrome oder chromium basierende Browser auf die Version 100.0.4896.60 bekommen User nach der Anmeldung am Citrix Gateway ein "spinning circle" und nicht die published Apps angezeigt. Das Problem tritt aufgrund einer Inkompatibilität mit den Citrix ADC...
Spring4Shell (CVE-2022-22963, CVE-2022-22965)
A zero-day exploit affecting the Spring Framework versions (5.3.0 to 5.3.17, 5.2.0 to 5.2.19, and older versions was made public on March 30, 2022, allowing an unauthenticated attacker to execute arbitrary code on the target system. Citrix recommends that customers...