Lucene search
K

149 matches found

CNNVD
CNNVD
added 2026/05/20 12:0 a.m.8 views

Esri ArcGIS Server 授权问题漏洞

Esri ArcGIS Server is a web-based enterprise-level software platform provided by Esri that can deliver geographic services. Versions of Esri ArcGIS Server 12.0 and earlier had an authorization vulnerability. This vulnerability stemmed from improperly configured authentication for unrecorded...

5.3CVSS5.8AI score0.0036EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:45 a.m.9 views

CVE-2022-38202

There is a path traversal vulnerability in Esri ArcGIS Server versions 10.9.1 and below. Successful exploitation may allow a remote, unauthenticated attacker traverse the file system to access files outside of the intended directory on ArcGIS Server. This could lead to the disclosure of sensitive...

7.5CVSS6.4AI score0.01333EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/01 10:28 p.m.6 views

CVE-2025-67711

There is a stored cross site scripting issue in Esri ArcGIS Server 11.4 and earlier on Windows and Linux that in some configurations allows a remote unauthenticated attacker to store files that contain malicious code that may execute in the context of a victim’s browser...

6.1CVSS6.7AI score0.00197EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/01 10:28 p.m.7 views

CVE-2025-67708

There is a stored cross site scripting issue in Esri ArcGIS Server 11.4 and earlier on Windows and Linux that in some configurations allows a remote unauthenticated attacker to store files that contain malicious code that may execute in the context of a victim’s browser...

6.1CVSS6.7AI score0.00197EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/01 10:28 p.m.8 views

CVE-2025-67703

There is a stored cross site scripting issue in Esri ArcGIS Server 11.4 and earlier on Windows and Linux that in some configurations allows a remote unauthenticated attacker to store files that contain malicious code that may execute in the context of a victim’s browser...

6.1CVSS6.7AI score0.00193EPSS
Exploits0References1
EUVD
EUVD
added 2026/01/01 12:31 a.m.4 views

EUVD-2025-206096

There is a stored cross site scripting issue in Esri ArcGIS Server 11.4 and earlier on Windows and Linux that in some configurations allows a remote unauthenticated attacker to store files that contain malicious code that may execute in the context of a victim’s browser...

6.1CVSS6.2AI score0.00197EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/01 12:31 a.m.5 views

EUVD-2025-206097

There is a stored cross site scripting issue in Esri ArcGIS Server 11.4 and earlier on Windows and Linux that in some configurations allows a remote unauthenticated attacker to store files that contain malicious code that may execute in the context of a victim’s browser...

6.1CVSS6.2AI score0.00197EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/01 12:31 a.m.5 views

EUVD-2025-206098

There is a stored cross site scripting issue in Esri ArcGIS Server 11.4 and earlier on Windows and Linux that in some configurations allows a remote unauthenticated attacker to store files that contain malicious code that may execute in the context of a victim’s browser...

6.1CVSS6.2AI score0.00197EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/01 12:31 a.m.8 views

EUVD-2025-206104

There is a stored cross site scripting issue in Esri ArcGIS Server 11.4 and earlier on Windows and Linux that in some configurations allows a remote unauthenticated attacker to store files that contain malicious code that may execute in the context of a victim’s browser...

6.1CVSS6.2AI score0.00193EPSS
Exploits0References2
NVD
NVD
added 2025/12/31 11:15 p.m.3 views

CVE-2025-67711

There is a stored cross site scripting issue in Esri ArcGIS Server 11.4 and earlier on Windows and Linux that in some configurations allows a remote unauthenticated attacker to store files that contain malicious code that may execute in the context of a victim’s browser...

6.1CVSS0.00197EPSS
Exploits0References1
OSV
OSV
added 2025/12/31 11:15 p.m.4 views

CVE-2025-67711

There is a stored cross site scripting issue in Esri ArcGIS Server 11.4 and earlier on Windows and Linux that in some configurations allows a remote unauthenticated attacker to store files that contain malicious code that may execute in the context of a victim’s browser...

6.1CVSS5.4AI score0.00197EPSS
Exploits0References1
OSV
OSV
added 2025/12/31 11:15 p.m.4 views

CVE-2025-67710

There is a stored cross site scripting issue in Esri ArcGIS Server 11.4 and earlier on Windows and Linux that in some configurations allows a remote unauthenticated attacker to store files that contain malicious code that may execute in the context of a victim’s browser...

6.1CVSS5.5AI score0.00197EPSS
Exploits0References1
NVD
NVD
added 2025/12/31 11:15 p.m.4 views

CVE-2025-67709

There is a stored cross site scripting issue in Esri ArcGIS Server 11.4 and earlier on Windows and Linux that in some configurations allows a remote unauthenticated attacker to store files that contain malicious code that may execute in the context of a victim’s browser...

6.1CVSS0.00197EPSS
Exploits0References1
NVD
NVD
added 2025/12/31 11:15 p.m.8 views

CVE-2025-67708

There is a stored cross site scripting issue in Esri ArcGIS Server 11.4 and earlier on Windows and Linux that in some configurations allows a remote unauthenticated attacker to store files that contain malicious code that may execute in the context of a victim’s browser...

6.1CVSS0.00197EPSS
Exploits0References1
OSV
OSV
added 2025/12/31 11:15 p.m.3 views

CVE-2025-67704

There is a stored cross site scripting issue in Esri ArcGIS Server 11.4 and earlier on Windows and Linux that in some configurations allows a remote unauthenticated attacker to store files that contain malicious code that may execute in the context of a victim’s browser...

6.1CVSS5.4AI score0.00197EPSS
Exploits0References1
OSV
OSV
added 2025/12/31 11:15 p.m.3 views

CVE-2025-67705

There is a stored cross site scripting issue in Esri ArcGIS Server 11.4 and earlier on Windows and Linux that in some configurations allows a remote unauthenticated attacker to store files that contain malicious code that may execute in the context of a victim’s browser...

6.1CVSS5.4AI score0.00193EPSS
Exploits0References1
CVE
CVE
added 2025/12/31 10:18 p.m.16 views

CVE-2025-67711

Summary: A stored cross-site scripting vulnerability affects Esri ArcGIS Server 11.4 and earlier on Windows and Linux. In some configurations, a remote unauthenticated attacker can store files that contain malicious code which may execute in a victim’s browser. Affected products/versions: Esri Ar...

6.1CVSS6.3AI score0.00197EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/12/31 10:18 p.m.23 views

CVE-2025-67710 Stored XSS vulnerability in ArcGIS Server

There is a stored cross site scripting issue in Esri ArcGIS Server 11.4 and earlier on Windows and Linux that in some configurations allows a remote unauthenticated attacker to store files that contain malicious code that may execute in the context of a victim’s browser...

6.1CVSS0.00197EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/31 10:17 p.m.23 views

CVE-2025-67709 There is a cross site scripting issue in ArcGIS Server.

There is a stored cross site scripting issue in Esri ArcGIS Server 11.4 and earlier on Windows and Linux that in some configurations allows a remote unauthenticated attacker to store files that contain malicious code that may execute in the context of a victim’s browser...

6.1CVSS0.00197EPSS
Exploits0References1
CVE
CVE
added 2025/12/31 10:13 p.m.17 views

CVE-2025-67703

CVE-2025-67703 is a stored cross-site scripting vulnerability in Esri ArcGIS Server present in versions prior to 11.4. The issue allows a remote unauthenticated attacker to store files containing malicious code that may execute in a victim’s browser when accessed. Root cause is a stored XSS vecto...

6.1CVSS6.3AI score0.00193EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder