Latest medium severity vulnerabilities for vendor "esri"

Esri Portal for ArcGISBUG-000165732 - Reflected XSS in Portal for ArcGIS

medium

6.1

First published (updated )

CVE-2024-38038

Esri Portal for ArcGISBUG-000165286 - Reflected XSS in Portal for ArcGIS

medium

6.1

First published (updated )

CVE-2024-25691

Esri Portal for ArcGISBUG-000163019 - Stored XSS in Portal for ArcGIS

medium

4.8

First published (updated )

CVE-2024-25694

Esri Portal for ArcGISBUG-000160765 - Stored XSS in ArcGIS Experience Builder

medium

4.8

First published (updated )

CVE-2024-25701

Esri Portal for ArcGISBUG-000160599 - Stored XSS in Portal for ArcGIS Web App Builder

medium

4.8

First published (updated )

CVE-2024-25702

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read More Start Free Trial

Esri Portal for ArcGISBUG-000160241 - Reflected XSS in Portal for ArcGIS

medium

4.8

First published (updated )

CVE-2024-25707

Esri Portal for ArcGISBUG-000154827 - Reflected XSS in ArcGIS Experience Builder

medium

5.4

First published (updated )

CVE-2024-38036

Esri Portal for ArcGISBUG-000161683 - HTML injection vulnerability in Portal for ArcGIS.

medium

5.4

First published (updated )

CVE-2024-38039

Esri Portal for ArcGISBUG-000167983 - Unvalidated redirect in Portal for ArcGIS

medium

6.1

First published (updated )

CVE-2024-38037

Esri ArcGIS ServerBUG-000158039 - There is an information disclosure issue in ArcGIS Server.

medium

5.3

First published (updated )

CVE-2023-25848

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read More Start Free Trial

Esri ArcGISBUG-000158075 Stored XSS issue in ArcGIS Server

medium

6.1

First published (updated )

CVE-2023-25841

Esri Portal for ArcGISBUG-000135364 XSS in 10.8.1 sites builder iframe source

medium

5.4

First published (updated )

CVE-2023-25836

Esri Portal for ArcGISXSS

medium

5.4

First published (updated )

CVE-2023-25833

Esri Portal for ArcGISBUG-000154236 There is a reflected cross-site scripting (XSS) vulnerability in Portal for ArcGIS.

medium

6.1

First published (updated )

CVE-2023-25831

Esri Portal for ArcGISBUG-000154662 Reflected XSS vulnerability in Portal for ArcGIS

medium

6.1

First published (updated )

CVE-2023-25830

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read More Start Free Trial

Esri Portal for ArcGISBUG-000155001 - Unvalidated redirect in Portal for ArcGIS.

medium

6.1

First published (updated )

CVE-2023-25829

Esri Portal for ArcGISChanges to user permissions in Portal for ArcGIS 10.9.1 and below are incompletely applied in specif…

medium

5.4

First published (updated )

CVE-2023-25834

Esri Portal for ArcGISHTML injection in accountswitcher-callback.html (10.9.1, 10.8.1 and 10.7.1 only)

medium

6.1

First published (updated )

CVE-2022-38210

Esri Portal for ArcGISUnvalidated redirect in Portal for ArcGIS

medium

6.1

First published (updated )

CVE-2022-38208

Esri Portal for ArcGISReflected XSS vulnerability in Portal for ArcGIS (10.9.1, 10.8.1 and 10.7.1 only)

medium

6.1

First published (updated )

CVE-2022-38206

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read More Start Free Trial

Esri Portal for ArcGISReflected XSS vulnerability in Portal for ArcGIS (10.8.1 and 10.7.1 only)

medium

6.1

First published (updated )

CVE-2022-38207

Esri Portal for ArcGISReflected XSS vulnerability in Portal for ArcGIS

medium

6.1

First published (updated )

CVE-2022-38209

Esri Portal for ArcGISReflected XSS vulnerability in Portal for ArcGIS (10.8.1 and 10.7.1 only)

medium

6.1

First published (updated )

CVE-2022-38204

Esri Arcgis QuickcaptureAn unvalidated redirect vulnerability exists in Esri ArcGIS Quick Capture Web Designer versions 10.8.1 to 10.9.1.

medium

6.1

First published (updated )

CVE-2022-38201

Esri ArcGIS ServerBUG-000150540 - Reflected XSS vulnerability in ArcGIS Server

medium

6.1

First published (updated )

CVE-2022-38195

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read More Start Free Trial

Esri ArcGIS ServerBUG-000148347 Unvalidated redirect issues in ArcGIS Server.

medium

6.1

First published (updated )

CVE-2022-38197

Esri ArcGIS ServerBUG-000146513 - Reflected XSS vulnerability in ArcGIS Server

medium

6.1

First published (updated )

CVE-2022-38198

Esri ArcGIS ServerBUG-000144172 - Remote file download issue in ArcGIS Server

medium

6.1

First published (updated )

CVE-2022-38199

Esri ArcGIS ServerBUG-000142376 - Reflected Cross-Site Scripting (XSS) vulnerability in ArcGIS Server.

medium

6.1

First published (updated )

CVE-2022-38200

Esri Portal for ArcGISThere is a stored cross-site scripting (XSS) vulnerability in ArcGIS API for JavaScript.

medium

5.4

First published (updated )

CVE-2022-38189

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read More Start Free Trial

Esri Portal for ArcGISPortal for ArcGIS system properties are not properly encrypted (10.8.1 only)

medium

6.7

First published (updated )

CVE-2022-38194

Esri Portal for ArcGISHTML injection vulnerability in Portal for ArcGIS

medium

6.1

First published (updated )

CVE-2022-38191

Esri Portal for ArcGISStored cross-site scripting vulnerability in Esri Portal for ArcGIS Configurable Apps

medium

6.1

First published (updated )

CVE-2022-38190

Esri ArcReaderEsri ArcReader PMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

medium

5.5

First published (updated )

CVE-2021-29112

Esri ArcReaderEsri ArcReader PMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

medium

5.5

First published (updated )

CVE-2021-29118

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read More Start Free Trial

Esri Portal for ArcGISThere is a stored cross-site scripting (XSS) vulnerability in ArcGIS API for JavaScript.

medium

6.1

First published (updated )

CVE-2022-38192

Esri ArcGIS ServerBUG-000142180 Hosted feature services vulnerable to stored XSS

medium

6.1

First published (updated )

CVE-2021-29116

Esri ArcGIS EnterpriseAn information disclosure vulnerability

medium

5.3

First published (updated )

CVE-2021-29115

Esri ArcGIS ServerRemote file inclusion vulnerability in ArcGIS Server help documentation

medium

4.7

First published (updated )

CVE-2021-29113

Esri Portal for ArcGISStored cross-site scripting (XSS) issue in Esri Portal for ArcGIS may allow a remote unauthenticated attacker to pass and store malicious strings in the home application.

medium

5.4

First published (updated )

CVE-2021-29110

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read More Start Free Trial

Esri Portal for ArcGISA reflected XSS vulnerability in Esri Portal for ArcGIS version 10.9.

medium

6.1

First published (updated )

CVE-2021-29109

Esri ArcGIS ServerThere is a stored Cross Site Scripting (XXS) vulnerability in ArcGIS Server Manager version 10.8.1 and below.

medium

6.1

First published (updated )

CVE-2021-29104

Esri ArcGIS ServerThere is a stored Cross Site Scripting (XSS) vulnerability in Esri ArcGIS Server Services Directory version 10.8.1 and below.

medium

5.4

First published (updated )

CVE-2021-29105

Esri ArcGIS ServerThere is a reflected Cross Site Scripting (XSS) vulnerability in Esri ArcGIS Server version 10.8.1 and below.

medium

6.1

First published (updated )

CVE-2021-29106

Esri ArcGIS ServerThere is a stored Cross Site Scripting (XXS) vulnerability in ArcGIS Server Manager version 10.8.1 and below.

medium

6.1

First published (updated )

CVE-2021-29107

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read More Start Free Trial

Esri ArcGIS ServerThere is a reflected Cross Site Scripting (XSS) vulnerability in Esri ArcGIS Server version 10.8.1 and below.

medium

6.1

First published (updated )

CVE-2021-29103

Esri ArcGIS ServerThere is a SQL injection vulnerability in ArcGIS Server

medium

5.3

First published (updated )

CVE-2021-29099

Esri ArcGIS EnterpriseXSS

medium

5.4

First published (updated )

CVE-2021-3012

Esri ArcGISArcGIS Server image service and raster analytics security update: uninitialized pointer

medium

6.8

First published (updated )

CVE-2021-29095

Esri ArcGISArcGIS Server image service and raster analytics security update: use-after-free

medium

6.8

First published (updated )

CVE-2021-29093

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read More Start Free Trial

Software

Esri Portal for ArcGISBUG-000165732 - Reflected XSS in Portal for ArcGIS

Esri Portal for ArcGISBUG-000165286 - Reflected XSS in Portal for ArcGIS

Esri Portal for ArcGISBUG-000163019 - Stored XSS in Portal for ArcGIS

Esri Portal for ArcGISBUG-000160765 - Stored XSS in ArcGIS Experience Builder

Esri Portal for ArcGISBUG-000160599 - Stored XSS in Portal for ArcGIS Web App Builder

Never miss a vulnerability like this again

Esri Portal for ArcGISBUG-000160241 - Reflected XSS in Portal for ArcGIS

Esri Portal for ArcGISBUG-000154827 - Reflected XSS in ArcGIS Experience Builder

Esri Portal for ArcGISBUG-000161683 - HTML injection vulnerability in Portal for ArcGIS.

Esri Portal for ArcGISBUG-000167983 - Unvalidated redirect in Portal for ArcGIS

Esri ArcGIS ServerBUG-000158039 - There is an information disclosure issue in ArcGIS Server.

Never miss a vulnerability like this again

Esri ArcGISBUG-000158075 Stored XSS issue in ArcGIS Server

Esri Portal for ArcGISBUG-000135364 XSS in 10.8.1 sites builder iframe source

Esri Portal for ArcGISXSS

Esri Portal for ArcGISBUG-000154236 There is a reflected cross-site scripting (XSS) vulnerability in Portal for ArcGIS.

Esri Portal for ArcGISBUG-000154662 Reflected XSS vulnerability in Portal for ArcGIS

Never miss a vulnerability like this again

Esri Portal for ArcGISBUG-000155001 - Unvalidated redirect in Portal for ArcGIS.

Esri Portal for ArcGISChanges to user permissions in Portal for ArcGIS 10.9.1 and below are incompletely applied in specif…

Esri Portal for ArcGISHTML injection in accountswitcher-callback.html (10.9.1, 10.8.1 and 10.7.1 only)

Esri Portal for ArcGISUnvalidated redirect in Portal for ArcGIS

Esri Portal for ArcGISReflected XSS vulnerability in Portal for ArcGIS (10.9.1, 10.8.1 and 10.7.1 only)

Never miss a vulnerability like this again

Esri Portal for ArcGISReflected XSS vulnerability in Portal for ArcGIS (10.8.1 and 10.7.1 only)

Esri Portal for ArcGISReflected XSS vulnerability in Portal for ArcGIS

Esri Portal for ArcGISReflected XSS vulnerability in Portal for ArcGIS (10.8.1 and 10.7.1 only)

Esri Arcgis QuickcaptureAn unvalidated redirect vulnerability exists in Esri ArcGIS Quick Capture Web Designer versions 10.8.1 to 10.9.1.

Esri ArcGIS ServerBUG-000150540 - Reflected XSS vulnerability in ArcGIS Server

Never miss a vulnerability like this again

Esri ArcGIS ServerBUG-000148347 Unvalidated redirect issues in ArcGIS Server.

Esri ArcGIS ServerBUG-000146513 - Reflected XSS vulnerability in ArcGIS Server

Esri ArcGIS ServerBUG-000144172 - Remote file download issue in ArcGIS Server

Esri ArcGIS ServerBUG-000142376 - Reflected Cross-Site Scripting (XSS) vulnerability in ArcGIS Server.

Esri Portal for ArcGISThere is a stored cross-site scripting (XSS) vulnerability in ArcGIS API for JavaScript.

Never miss a vulnerability like this again

Esri Portal for ArcGISPortal for ArcGIS system properties are not properly encrypted (10.8.1 only)

Esri Portal for ArcGISHTML injection vulnerability in Portal for ArcGIS

Esri Portal for ArcGISStored cross-site scripting vulnerability in Esri Portal for ArcGIS Configurable Apps

Esri ArcReaderEsri ArcReader PMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

Esri ArcReaderEsri ArcReader PMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

Never miss a vulnerability like this again

Esri Portal for ArcGISThere is a stored cross-site scripting (XSS) vulnerability in ArcGIS API for JavaScript.

Esri ArcGIS ServerBUG-000142180 Hosted feature services vulnerable to stored XSS

Esri ArcGIS EnterpriseAn information disclosure vulnerability

Esri ArcGIS ServerRemote file inclusion vulnerability in ArcGIS Server help documentation

Esri Portal for ArcGISStored cross-site scripting (XSS) issue in Esri Portal for ArcGIS may allow a remote unauthenticated attacker to pass and store malicious strings in the home application.

Never miss a vulnerability like this again

Esri Portal for ArcGISA reflected XSS vulnerability in Esri Portal for ArcGIS version 10.9.

Esri ArcGIS ServerThere is a stored Cross Site Scripting (XXS) vulnerability in ArcGIS Server Manager version 10.8.1 and below.

Esri ArcGIS ServerThere is a stored Cross Site Scripting (XSS) vulnerability in Esri ArcGIS Server Services Directory version 10.8.1 and below.

Esri ArcGIS ServerThere is a reflected Cross Site Scripting (XSS) vulnerability in Esri ArcGIS Server version 10.8.1 and below.

Esri ArcGIS ServerThere is a stored Cross Site Scripting (XXS) vulnerability in ArcGIS Server Manager version 10.8.1 and below.

Never miss a vulnerability like this again

Esri ArcGIS ServerThere is a reflected Cross Site Scripting (XSS) vulnerability in Esri ArcGIS Server version 10.8.1 and below.

Esri ArcGIS ServerThere is a SQL injection vulnerability in ArcGIS Server

Esri ArcGIS EnterpriseXSS

Esri ArcGISArcGIS Server image service and raster analytics security update: uninitialized pointer

Esri ArcGISArcGIS Server image service and raster analytics security update: use-after-free

Never miss a vulnerability like this again

Company

Resources

Contact