Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
arcgis vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2021-29097
Multiple buffer overflow vulnerabilities when parsing a specially crafted file in Esri ArcReader, ArcGIS Desktop, ArcGIS Engine 10.8.1 (and previous versions) and ArcGIS Pro 2.7 (and previous versions) allow an unauthenticated malicious user to achieve arbitrary code execution in...
Esri Arcgis
Esri Arcgis Pro
Esri Arcreader
Esri Arcmap
7.8
CVSSv3
CVE-2021-29098
Multiple uninitialized pointer vulnerabilities when parsing a specially crafted file in Esri ArcReader, ArcGIS Desktop, ArcGIS Engine 10.8.1 (and previous versions) and ArcGIS Pro 2.7 (and previous versions) allow an unauthenticated malicious user to achieve arbitrary code execut...
Esri Arcgis
Esri Arcgis Pro
Esri Arcreader
Esri Arcmap
6.1
CVSSv3
CVE-2022-38204
There is a reflected XSS vulnerability in Esri Portal for ArcGIS versions 10.8.1 and 10.7.1 which may allow a remote, unauthenticated malicious user to create a crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim’s browser.
Esri Portal For Arcgis 10.8.1
Esri Portal For Arcgis 10.7.1
7.8
CVSSv3
CVE-2021-29096
A use-after-free vulnerability when parsing a specially crafted file in Esri ArcReader, ArcGIS Desktop, ArcGIS Engine 10.8.1 (and previous versions) and ArcGIS Pro 2.7 (and previous versions) allows an unauthenticated malicious user to achieve arbitrary code execution in the cont...
Esri Arcgis Pro
Esri Arcreader
Esri Arcgis Engine
Esri Arcmap
6.1
CVSSv3
CVE-2023-25829
There is an unvalidated redirect vulnerability in Esri Portal for ArcGIS 11.0 and 10.9.1 that may allow a remote, unauthenticated malicious user to craft a URL that could redirect a victim to an arbitrary website, simplifying phishing attacks.
Esri Portal For Arcgis 10.9.1
Esri Portal For Arcgis 11.0
6.1
CVSSv3
CVE-2022-38207
There is a reflected XSS vulnerability in Esri Portal for ArcGIS versions 10.8.1 and 10.7.1 which may allow a remote remote, unauthenticated malicious user to create a crafted link which when clicked which could execute arbitrary JavaScript code in the victim’s browser.
Esri Portal For Arcgis 10.8.1
Esri Portal For Arcgis 10.7.1
NA
CVE-2007-1770
Buffer overflow in the ArcSDE service (giomgr) in Environmental Systems Research Institute (ESRI) ArcGIS prior to 9.2 Service Pack 2, when using three tiered ArcSDE configurations, allows remote malicious users to cause a denial of service (giomgr crash) and execute arbitrary cod...
Esri Arcgis
1 EDB exploit
NA
CVE-2007-4278
Stack-based buffer overflow in the giomgr process in ESRI ArcSDE service 9.2, as used with ArcGIS, allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a large number that requires more than 8 bytes to represent in ASCII, whic...
Esri Arcgis
8.1
CVSSv3
CVE-2022-38196
Esri ArcGIS Server versions 10.9.1 and prior have a path traversal vulnerability that may result in a denial of service by allowing a remote, authenticated malicious user to overwrite internal ArcGIS Server directory.
Esri Arcgis Server
6.1
CVSSv3
CVE-2022-38198
There is a reflected cross site scripting issue in the Esri ArcGIS Server services directory versions 10.9.1 and below that may allow a remote, unauthenticated malicious user to convince a user to click on a crafted link which could potentially execute arbitrary JavaScript code i...
Esri Arcgis Server
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »