Lucene search
K

25 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-28581

Malicious code in bioql PyPI...

4.8CVSS6.5AI score0.00209EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-28579

Malicious code in bioql PyPI...

4.8CVSS6.6AI score0.00207EPSS
Exploits0References1
NVD
NVD
added 2025/08/21 8:15 p.m.5 views

CVE-2025-55106

There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS Enterprise Sites versions 10.9.1 – 11.4 that may allow a remote, authenticated attacker to inject malicious a file with an embedded xss script which when loaded could potentially execute arbitrary JavaScript code in th...

4.8CVSS0.00207EPSS
Exploits0References1
NVD
NVD
added 2025/08/21 8:15 p.m.5 views

CVE-2025-55105

There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS Enterprise Sites versions 10.9.1 – 11.4 that may allow a remote, authenticated attacker to inject malicious a file with an embedded xss script which when loaded could potentially execute arbitrary JavaScript code in th...

4.8CVSS0.00207EPSS
Exploits0References1
NVD
NVD
added 2025/08/21 8:15 p.m.8 views

CVE-2025-55107

There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS Enterprise Sites versions 10.9.1 – 11.4 that may allow a remote, authenticated attacker to inject malicious a file with an embedded xss script which when loaded could potentially execute arbitrary JavaScript code in th...

4.8CVSS0.00209EPSS
Exploits0References1
CVE
CVE
added 2025/08/21 7:29 p.m.23 views

CVE-2025-55106

CVE-2025-55106 concerns Esri Portal for ArcGIS Enterprise Sites, affected versions 10.9.1–11.4. A stored cross-site scripting vulnerability exists where an authenticated user can inject a malicious file containing an XSS script; when the file is loaded, it may execute arbitrary JavaScript in the ...

4.8CVSS6.3AI score0.00207EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/08/21 7:29 p.m.4 views

CVE-2025-55106 BUG-000173171 ArcGIS Enterprise Sites has a Cross-site Scripting vulnerability.

There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS Enterprise Sites versions 10.9.1 – 11.4 that may allow a remote, authenticated attacker to inject malicious a file with an embedded xss script which when loaded could potentially execute arbitrary JavaScript code in th...

4.8CVSS6.8AI score0.00207EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/08/21 7:29 p.m.4 views

CVE-2025-55105 BUG-000177336 - ArcGIS Enterprise Sites has a stored Cross-site Scripting vulnerability.

There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS Enterprise Sites versions 10.9.1 – 11.4 that may allow a remote, authenticated attacker to inject malicious a file with an embedded xss script which when loaded could potentially execute arbitrary JavaScript code in th...

4.8CVSS6.8AI score0.00207EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/08/21 12:0 a.m.5 views

PT-2025-34279 · Esri · Esri Portal For Arcgis Enterprise Sites

Name of the Vulnerable Software and Affected Versions: Esri Portal for ArcGIS Enterprise Sites versions 10.9.1 through 11.4 Description: A stored Cross-site Scripting issue exists in Esri Portal for ArcGIS Enterprise Sites that may allow a remote, authenticated attacker to inject a malicious file...

4.8CVSS5.8AI score0.00207EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/08/21 12:0 a.m.7 views

PT-2025-34283 · Esri · Esri Portal For Arcgis Enterprise Sites

Name of the Vulnerable Software and Affected Versions: Esri Portal for ArcGIS Enterprise Sites versions 10.9.1 through 11.4 Description: A stored Cross-site Scripting issue exists in Esri Portal for ArcGIS Enterprise Sites that may allow a remote, authenticated attacker to inject a malicious file...

4.8CVSS5.5AI score0.00209EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/08/21 12:0 a.m.7 views

PT-2025-34281 · Esri · Esri Portal For Arcgis Enterprise Sites

Name of the Vulnerable Software and Affected Versions: Esri Portal for ArcGIS Enterprise Sites versions 10.9.1 through 11.4 Description: A stored Cross-site Scripting issue exists that may allow a remote, authenticated attacker to inject a malicious file containing an XSS script. When loaded, thi...

4.8CVSS6.2AI score0.00207EPSS
Exploits0References5
CNVD
CNVD
added 2025/03/07 12:0 a.m.6 views

Esri ArcGIS Server File Inclusion Vulnerability

Esri ArcGIS Server is Esri's Web-oriented enterprise software platform for providing geolocation services. A file inclusion vulnerability exists in Esri ArcGIS Server versions 10.9.1 through 11.3, which can be exploited by a remote, unauthenticated attacker to read internal files due to a failure...

7.5CVSS6.6AI score0.00434EPSS
Exploits0References1
CVE
CVE
added 2025/03/03 7:57 p.m.55 views

CVE-2024-51957

CVE-2024-51957 is a Stored XSS vulnerability in Esri ArcGIS Server versions 10.9.1 through 11.3. An authenticated attacker with publisher capabilities can create a specially crafted link that, when clicked by a victim, may execute arbitrary JavaScript in the browser. Impact is described as low to...

4.8CVSS5.2AI score0.00245EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/03/03 7:38 p.m.8 views

CVE-2024-51944 Stored XSS in Rest Services Directory

There is a stored Cross-site Scripting vulnerability in ArcGIS Server for versions 11.3 and below that may allow a remote, authenticated attacker to create a stored crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim’s browser. The privileges required...

4.8CVSS5.2AI score0.00245EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/03/03 12:0 a.m.2 views

Esri ArcGIS Server 访问控制错误漏洞

Esri ArcGIS Server is Esri's Web-oriented enterprise software platform for providing geolocation services. An Access Control Error vulnerability exists in Esri ArcGIS Server versions 10.9.1 through 11.3, which stems from improper access control and can be exploited by a remote, low-privilege...

8.5CVSS6.6AI score0.00294EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/03/03 12:0 a.m.2 views

Esri ArcGIS Server 跨站脚本漏洞

Esri ArcGIS Server is Esri's Web-oriented enterprise software platform for providing geolocation services. A cross-site scripting vulnerability exists in Esri ArcGIS Server versions 10.9.1 through 11.3, which can be exploited by an attacker to create a specially crafted link that, when clicked, m...

4.8CVSS6.3AI score0.00245EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/03/03 12:0 a.m.2 views

Esri ArcGIS Server 跨站脚本漏洞

Esri ArcGIS Server is Esri's Web-oriented enterprise software platform for providing geolocation services. A cross-site scripting vulnerability exists in Esri ArcGIS Server versions 10.9.1 through 11.3, which can be exploited by an attacker to create a specially crafted link that, when clicked, m...

4.8CVSS6.3AI score0.00245EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/03/03 12:0 a.m.2 views

Esri ArcGIS Server 跨站脚本漏洞

Esri ArcGIS Server is Esri's Web-oriented enterprise software platform for providing geolocation services. A cross-site scripting vulnerability exists in Esri ArcGIS Server versions 10.9.1 through 11.3, which can be exploited by an attacker to create a specially crafted link that, when clicked, m...

4.8CVSS6.3AI score0.00245EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/03/03 12:0 a.m.3 views

Esri ArcGIS Server 跨站脚本漏洞

Esri ArcGIS Server is Esri's Web-oriented enterprise software platform for providing geolocation services. A cross-site scripting vulnerability exists in Esri ArcGIS Server versions 10.9.1 through 11.3, which can be exploited by an attacker to create a specially crafted link that, when clicked, m...

4.8CVSS6.3AI score0.00245EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/03/03 12:0 a.m.2 views

Esri ArcGIS Server 跨站脚本漏洞

Esri ArcGIS Server is Esri's Web-oriented enterprise software platform for providing geolocation services. A cross-site scripting vulnerability exists in Esri ArcGIS Server versions 10.9.1 through 11.3, which can be exploited by an attacker to create a specially crafted link that, when clicked, m...

4.8CVSS6.3AI score0.00245EPSS
Exploits0References3
Rows per page
Query Builder