Arcgis Pro Security Vulnerabilities and Issues — Arcgis Pro CVE List

Lucene search

EsriArcgis Pro

5 matches found

CVE•added 2025/02/25 5:15 p.m.•59 views

CVE-2025-1067

There is an untrusted search path vulnerability in Esri ArcGIS Pro 3.3 and 3.4 that may allow a low privileged attacker with write privileges to the local file system to introduce a malicious executable to the filesystem. When the victim performs a specific action using ArcGIS ArcGIS Pro, the file ...

7.3CVSS7.1AI score0.00028EPSS

CVE•added 2025/02/25 5:15 p.m.•56 views

CVE-2025-1068

There is an untrusted search path vulnerability in Esri ArcGIS AllSource 1.2 and 1.3 that may allow a low privileged attacker with write privileges to the local file system to introduce a malicious executable to the filesystem. When the victim performs a specific action using ArcGIS AllSource, the ...

7.3CVSS7.1AI score0.00032EPSS

CVE•added 2021/03/25 9:15 p.m.•53 views

CVE-2021-29098

Multiple uninitialized pointer vulnerabilities when parsing a specially crafted file in Esri ArcReader, ArcGIS Desktop, ArcGIS Engine 10.8.1 (and earlier) and ArcGIS Pro 2.7 (and earlier) allow an unauthenticated attacker to achieve arbitrary code execution in the context of the current user.

7.8CVSS7.9AI score0.0035EPSS

CVE•added 2021/03/25 9:15 p.m.•50 views

CVE-2021-29097

Multiple buffer overflow vulnerabilities when parsing a specially crafted file in Esri ArcReader, ArcGIS Desktop, ArcGIS Engine 10.8.1 (and earlier) and ArcGIS Pro 2.7 (and earlier) allow an unauthenticated attacker to achieve arbitrary code execution in the context of the current user.

7.8CVSS8AI score0.00433EPSS

CVE•added 2021/03/25 7:15 p.m.•37 views

CVE-2021-29096

A use-after-free vulnerability when parsing a specially crafted file in Esri ArcReader, ArcGIS Desktop, ArcGIS Engine 10.8.1 (and earlier) and ArcGIS Pro 2.7 (and earlier) allows an unauthenticated attacker to achieve arbitrary code execution in the context of the current user.

7.8CVSS7.9AI score0.00204EPSS