8 matches found
EUVD-2026-4668
There is a Cross Site Scripting issue in Esri ArcGIS Pro versions 3.6.0 and earlier. A local attacker could supply malicious strings into ArcGIS Pro which may execute when a specific dialog is opened. This issue is fixed in ArcGIS Pro 3.6.1...
Esri ArcGIS Pro cross-site scripting vulnerability
Esri ArcGIS Pro is a geographic information system software developed by the American company Esri. Versions of Esri ArcGIS Pro prior to 3.6.0 contained a cross-site scripting vulnerability. This vulnerability stemmed from the ability for local attackers to inject malicious strings, potentially...
EUVD-2025-5364
Malicious code in bioql PyPI...
ESRI ArcGIS Pro Untrustworthy Search Path Vulnerability
ESRI ArcGIS Pro is a powerful desktop GIS software from ESRI. An untrusted search path vulnerability exists in ESRI ArcGIS Pro, which can be exploited by an attacker to execute malicious commands...
CVE-2025-1067
There is an untrusted search path vulnerability in Esri ArcGIS Pro 3.3 and 3.4 that may allow a low privileged attacker with write privileges to the local file system to introduce a malicious executable to the filesystem. When the victim performs a specific action using ArcGIS ArcGIS Pro, the fil...
CVE-2025-1067
There is an untrusted search path vulnerability in Esri ArcGIS Pro 3.3 and 3.4 that may allow a low privileged attacker with write privileges to the local file system to introduce a malicious executable to the filesystem. When the victim performs a specific action using ArcGIS ArcGIS Pro, the fil...
Esri ArcGIS 安全漏洞
ESRI ArcGIS Pro is a powerful desktop GIS software from ESRI. An untrusted search path vulnerability exists in ESRI ArcGIS Pro, which can be exploited by an attacker to execute malicious commands...
PT-2025-7900 · Esri · Arcgis Pro
Name of the Vulnerable Software and Affected Versions: Esri ArcGIS Pro versions 3.3 through 3.4 Description: The issue is related to an untrusted search path vulnerability that may allow a low-privileged attacker with write privileges to the local file system to introduce a malicious executable...