Linux Distros Unpatched Vulnerability : CVE-2026-35235

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: GIS. Supported versions that are affected are 9.0.0-9.6.0. Easily exploitable...

EUVD-2026-24439

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: GIS. Supported versions that are affected are 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of thi...

EUVD-2025-208903

The Terrapack software, from ASTER TEC / ASTER S.p.A., with the indicated components and versions has a file upload vulnerability that may allow attackers to execute arbitrary code. Vulnerable components include Terrapack TkWebCoreNG:: 1.0.20200914, Terrapack TKServerCGI 2.5.4.150, and Terrapack...

EUVD-2026-4743

QGIS is a free, open source, cross platform geographical information system GIS The repository contains a GitHub Actions workflow called "pre-commit checks" that, before commit 76a693cd91650f9b4e83edac525e5e4f90d954e9, was vulnerable to remote code execution and repository compromise because it...

CVE-2026-24480

CVE-2026-24480 affects QGIS’ GitHub Actions workflow named “pre-commit checks.” Before commit 76a693cd91650f9b4e83edac525e5e4f90d954e9, the workflow used pull_request_target and checked out/executed untrusted PR code in a privileged context, allowing potential remote code execution and repository...

PT-2026-4840

Name of the Vulnerable Software and Affected Versions QGIS versions prior to commit 76a693cd91650f9b4e83edac525e5e4f90d954e9 Description The QGIS repository contained a GitHub Actions workflow named "pre-commit checks" that, before commit 76a693cd91650f9b4e83edac525e5e4f90d954e9, was susceptible ...

[SECURITY] Fedora 43 Update: mapserver-8.4.1-1.fc43

Mapserver is an internet mapping program that converts GIS data to map images in real time. With appropriate interface pages, Mapserver can provide an interactive internet map based on custom GIS data...

Basarsoft Netigma 跨站脚本漏洞

Basarsoft Netigma is a Geographic Information System GIS from Basarsoft Turkey. A cross-site scripting vulnerability exists in Basarsoft Netigma versions 6.3.3 through 6.3.5 prior to V8, which stems from improper input neutralization during web page generation and could lead to a stored cross-sit...

esri Portal for ArcGIS Enterprise Sites Cross-Site Scripting Vulnerability (CNVD-2025-21188)

esri Portal for ArcGIS Enterprise Sites is an enterprise-level geographic information sharing platform from ESRI that allows users within an organization to view, edit, and share geographic information through the portal. A cross-site scripting vulnerability exists in esri Portal for ArcGIS...

Linux Distros Unpatched Vulnerability : CVE-2018-2573

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: GIS. Supported versions that are affected are 5.6.38 and prior and 5.7.20 and...

Linux Distros Unpatched Vulnerability : CVE-2023-21887

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: GIS. Supported versions that are affected are 8.0.31 and prior. Easily exploitable...

Linux Distros Unpatched Vulnerability : CVE-2021-2417

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: GIS. Supported versions that are affected are 8.0.25 and prior. Easily exploitable...

[SECURITY] Fedora 41 Update: qgis-3.40.5-2.fc41

Geographic Information System GIS manages, analyzes, and displays databases of geographic information. QGIS supports shape file viewing and editing, spatial data storage with PostgreSQL/PostGIS, projection on-the-fly, map composition, and a number of other features via a plugin interface. QGIS al...

[SECURITY] Fedora 42 Update: qgis-3.42.1-2.fc42

Geographic Information System GIS manages, analyzes, and displays databases of geographic information. QGIS supports shape file viewing and editing, spatial data storage with PostgreSQL/PostGIS, projection on-the-fly, map composition, and a number of other features via a plugin interface. QGIS al...

Esri Portal For ArcGIS Cross-Site Scripting Hole (CNVD-2024-41006)

Esri Portal For ArcGIS is a component from Environmental Systems Research Institute Esri that allows maps, scenes, applications, and other geographic information to be shared with others within an organization. Esri Portal For ArcGIS suffers from a cross-site scripting vulnerability that can be...

Esri Portal For ArcGIS Cross-Site Scripting Vulnerability (CNVD-2024-41004)

Esri Portal For ArcGIS is a component from Environmental Systems Research Institute Esri that allows maps, scenes, applications, and other geographic information to be shared with others within an organization. Esri Portal For ArcGIS suffers from a cross-site scripting vulnerability that can be...

Number withdrawn

Esri ArcGIS Enterprise is a GIS Geographic Information System based software system from Environmental Systems Research Institute Esri, Inc. The system supports mapping and visualization, analysis, and data management. This CVE number has been withdrawn...

Esri Portal for ArcGIS Path Traversal Vulnerability

Esri Portal For ArcGIS is a component of esri that allows maps, scenes, applications, and other geographic information to be shared with others within an organization. A path traversal vulnerability exists in Esri Portal for ArcGIS that stems from the program failing to properly filter for specif...

Esri Portal for ArcGIS Cross-Site Request Forgery Vulnerability

Esri Portal For ArcGIS is an Esri component that allows maps, scenes, applications, and other geographic information to be shared with others within an organization. A cross-site request forgery vulnerability exists in Esri Portal for ArcGIS, and no detailed vulnerability details are provided at...

编号撤回

Esri Portal For ArcGIS is a component from Environmental Systems Research Institute Esri that allows maps, scenes, applications, and other geographic information to be shared with others within an organization. This CVE number has been withdrawn...