18 matches found
EUVD-2025-31606
Malicious code in bioql PyPI...
EUVD-2025-31608
Malicious code in bioql PyPI...
EUVD-2025-31611
Malicious code in bioql PyPI...
EUVD-2025-31607
Malicious code in bioql PyPI...
CVE-2025-57878
There is an unvalidated redirect vulnerability in Esri Portal for ArcGIS 11.4 and below that may allow a remote, unauthenticated attacker to craft a URL that could redirect a victim to an arbitrary website, simplifying phishing attacks...
CVE-2025-57874
There is a reflected cross site scripting vulnerability in Esri Portal for ArcGIS 11.4 and below that may allow a remote authenticated attacker with administrative access to supply a crafted string which would execute arbitrary JavaScript code in the browser...
CVE-2025-57878
There is an unvalidated redirect vulnerability in Esri Portal for ArcGIS 11.4 and below that may allow a remote, unauthenticated attacker to craft a URL that could redirect a victim to an arbitrary website, simplifying phishing attacks...
CVE-2025-57878
There is an unvalidated redirect vulnerability in Esri Portal for ArcGIS 11.4 and below that may allow a remote, unauthenticated attacker to craft a URL that could redirect a victim to an arbitrary website, simplifying phishing attacks...
CVE-2025-57874
There is a reflected cross site scripting vulnerability in Esri Portal for ArcGIS 11.4 and below that may allow a remote authenticated attacker with administrative access to supply a crafted string which would execute arbitrary JavaScript code in the browser...
CVE-2025-57874
There is a reflected cross site scripting vulnerability in Esri Portal for ArcGIS 11.4 and below that may allow a remote authenticated attacker with administrative access to supply a crafted string which would execute arbitrary JavaScript code in the browser...
CVE-2025-57873 BUG-000175222 - Reflected XSS vulnerability in Portal for ArcGIS.
There is a reflected cross site scripting vulnerability in Esri Portal for ArcGIS 11.4 and below that may allow a remote authenticated attacker with administrative access to supply a crafted string which would execute arbitrary JavaScript code in the browser...
CVE-2025-57875 BUG-000164122 - Reflected XSS vulnerability in Portal for ArcGIS.
There is a reflected cross site scripting vulnerability in Esri Portal for ArcGIS 11.4 and below that may allow a remote authenticated attacker with administrative access to supply a crafted string which would execute arbitrary JavaScript code in the browser...
CVE-2025-57877
CVE-2025-57877 affects Esri Portal for ArcGIS
CVE-2025-57876
CVE-2025-57876 is a stored XSS vulnerability in Esri Portal for ArcGIS 11.4 and earlier. An authenticated attacker with high privileges can inject a file containing an XSS script; when loaded, it could execute arbitrary JavaScript in the victim’s browser and potentially disclose a privileged toke...
CVE-2025-57876 Stored XSS vulnerability in Portal for ArcGIS
There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS 11.4 and below that may allow a remote, authenticated attacker to inject malicious a file with an embedded xss script which when loaded could potentially execute arbitrary JavaScript code in the victim’s browser. The...
PT-2025-39860
Name of the Vulnerable Software and Affected Versions Esri Portal for ArcGIS versions 11.4 and below Description A reflected cross site scripting issue exists in Esri Portal for ArcGIS. A remote attacker with administrative access can potentially execute arbitrary JavaScript code in a user's...
PT-2025-39864
Name of the Vulnerable Software and Affected Versions Esri Portal for ArcGIS versions 11.4 and below Description A reflected cross site scripting issue exists in Esri Portal for ArcGIS that could allow a remote attacker with administrative access to execute arbitrary JavaScript code in a user's...
PT-2025-39863
Name of the Vulnerable Software and Affected Versions Esri Portal for ArcGIS versions 11.4 and below Description A stored Cross-site Scripting issue exists in Esri Portal for ArcGIS. A remote, authenticated attacker can inject a malicious file containing an XSS script. When loaded, this script...