esri

168 tracked vulnerabilities.

CVE-2025-55107 MEDIUM
Esri Portal for ArcGIS Enterprise Sites <11.4 - XSS
Aug 21, 2025
CVSS 4.8
EPSS 0.00
CVE-2025-55106 MEDIUM
Esri Portal for ArcGIS Enterprise Sites <11.4 - XSS
Aug 21, 2025
CVSS 4.8
EPSS 0.00
CVE-2025-55105 MEDIUM
Esri Portal for ArcGIS Enterprise Sites <11.4 - XSS
Aug 21, 2025
CVSS 4.8
EPSS 0.00
CVE-2025-55104 MEDIUM
ArcGIS HUB/ArcGIS Enterprise Sites - XSS
Aug 21, 2025
CVSS 4.8
EPSS 0.00
CVE-2025-55103 MEDIUM
Esri Portal for ArcGIS Enterprise Sites <11.4 - XSS
Aug 21, 2025
CVSS 4.8
EPSS 0.00
CVE-2025-4967 CRITICAL
Esri Portal for ArcGIS < 11.4 - Unauthenticated Server-Side Request Forgery
May 29, 2025
CVSS 9.1
EPSS 0.00
CVE-2025-2538 CRITICAL
Esri Portal for ArcGIS < 11.4 - Unauthenticated Administrative Access via Hardcoded Credentials
Mar 20, 2025
CVSS 9.8
EPSS 0.01
CVE-2025-1726 MEDIUM
Esri ArcGIS Monitor <2024.x - SQL Injection
Feb 26, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-1068 HIGH
Esri ArcGIS AllSource <1.2.1-1.3.1 - Privilege Escalation
Feb 25, 2025
CVSS 7.3
EPSS 0.00
CVE-2025-1067 HIGH
Esri ArcGIS Pro <3.3.3-3.4.1 - Privilege Escalation
Feb 25, 2025
CVSS 7.3
EPSS 0.00
CVE-2024-5888 MEDIUM
ArcGIS Server < 11.3 - Authenticated Stored Cross-Site Scripting
Mar 03, 2025
CVSS 4.8
EPSS 0.00
CVE-2024-51966 MEDIUM
ESRI ArcGIS Server <11.3 - Path Traversal
Mar 03, 2025
CVSS 4.9
EPSS 0.00
CVE-2024-51963 MEDIUM
ArcGIS Server 10.9.1-11.3 - Authenticated Stored Cross-Site Scripting
Mar 03, 2025
CVSS 4.8
EPSS 0.00
CVE-2024-51962 HIGH
ArcGIS Server 10.9.1-11.3 - Authenticated SQL Injection via EDIT Operation
Mar 03, 2025
CVSS 8.7
EPSS 0.00
CVE-2024-51961 HIGH
ArcGIS Server <11.3 - Info Disclosure
Mar 03, 2025
CVSS 7.5
EPSS 0.00
CVE-2024-51960 MEDIUM
ArcGIS Server < 11.3 - Authenticated Stored Cross-Site Scripting
Mar 03, 2025
CVSS 4.8
EPSS 0.00
CVE-2024-51959 MEDIUM
ArcGIS Server < 11.3 - Authenticated Stored Cross-Site Scripting
Mar 03, 2025
CVSS 4.8
EPSS 0.00
CVE-2024-51958 MEDIUM
ESRI ArcGIS Server <=11.3 - Path Traversal
Mar 03, 2025
CVSS 4.9
EPSS 0.00
CVE-2024-51957 MEDIUM
ArcGIS Server < 11.3 - Authenticated Stored Cross-Site Scripting
Mar 03, 2025
CVSS 4.8
EPSS 0.00
CVE-2024-51956 MEDIUM
ArcGIS Server < 11.3 - Authenticated Stored Cross-Site Scripting
Mar 03, 2025
CVSS 4.8
EPSS 0.00
CVE-2024-51954 HIGH
ArcGIS Server <11.3 - Privilege Escalation
Mar 03, 2025
CVSS 8.5
EPSS 0.00
CVE-2024-51953 MEDIUM
ArcGIS Server < 11.3 - Authenticated Stored Cross-Site Scripting
Mar 03, 2025
CVSS 4.8
EPSS 0.00
CVE-2024-51952 MEDIUM
ArcGIS Server < 11.3 - Authenticated Stored Cross-Site Scripting
Mar 03, 2025
CVSS 4.8
EPSS 0.00
CVE-2024-51951 MEDIUM
ArcGIS Server < 11.3 - Authenticated Stored Cross-Site Scripting
Mar 03, 2025
CVSS 4.8
EPSS 0.00
CVE-2024-51950 MEDIUM
ArcGIS Server < 11.3 - Authenticated Stored Cross-Site Scripting
Mar 03, 2025
CVSS 4.8
EPSS 0.00
Products
portal_for_arcgis 73 arcgis_server 67 arcgis_pro 6 arcreader 6 arcgis_enterprise 5 arcmap 4 arcgis_engine 3 ArcGIS Server 2 Portal for ArcGIS 2 arcgis_allsource 2 arcgis_insights 2 arcinfo_workstation 2 arcsde 2 ArcGIS Enterprise Builder 1 ArcGIS Monitor 1 ArcGIS Web AppBuilder {Developer Edition) 1 arcgis_earth 1 arcgis_for_desktop 1 arcgis_for_engine 1 arcgis_geoevent_server 1 arcgis_quickcapture 1 arcgisruntime_sdk 1 arcpad 1
Quick Filters
Critical CVEs With Exploits In CISA KEV