Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / Vendors / esri

esri

168 tracked vulnerabilities.

CVE-2021-29096 HIGH

Esri ArcGIS Engine < 10.8.1, ArcGIS Pro < 2.7, ArcMap < 10.8.1, ArcReader < 10.8.1 - Use-After-Free via Crafted File

CVE-2020-35712 CRITICAL

Esri ArcGIS Server < 10.8 - Server-Side Request Forgery

CVE-2019-16193 MEDIUM

ArcGIS Enterprise 10.6.1 - Cross-Site Scripting via EDIT MY PROFILE IFRAME Injection

CVE-2015-2002 CRITICAL

ESRI ArcGis Runtime SDK <10.2.6-2 - RCE

ESRI ArcGIS for Desktop, ArcGIS for Engine, and ArcGIS for Server < 10.2.2 - Cross-Site Scripting

ESRI ArcGIS for Server 10.1.1 - Open Redirect via Login Parameter

Esri Arcgis Server - XSS

ESRI ArcGIS for Server < 10.2 - SQL Injection via Map or Feature Service Input

ESRI ArcGIS for Server 10.1 and 10.2 - Authenticated Cross-Site Scripting

ESRI ArcGIS for Server 10.1 - Authenticated Cross-Site Scripting

Esri ArcGIS for Server <10.3 - Command Injection

ESRI ArcGIS Server 10.1 - Authenticated SQL Injection via REST Service Query Where Parameter

ESRI ArcMap < 10.0.2.3200 - Arbitrary VBA Code Execution via Crafted Map File

ESRI ArcSDE 9.2 - Stack-based Buffer Overflow via Large ASCII Number in giomgr Process

ESRI ArcSDE - Buffer Overflow via Long Parameters in Three-Tiered Configurations

ESRI ArcPad < 7.0.0.156 - Buffer Overflow via COORDSYS Tag in .amp File

ArcGIS for ESRI ArcInfo Workstation 9.0 - Buffer Overflow

ArcGIS for ESRI ArcInfo Workstation 9.0 - Privilege Escalation

Previous Page 7 of 7

Products

portal_for_arcgis 73 arcgis_server 67 arcgis_pro 6 arcreader 6 arcgis_enterprise 5 arcmap 4 arcgis_engine 3 ArcGIS Server 2 Portal for ArcGIS 2 arcgis_allsource 2 arcgis_insights 2 arcinfo_workstation 2 arcsde 2 ArcGIS Enterprise Builder 1 ArcGIS Monitor 1 ArcGIS Web AppBuilder {Developer Edition) 1 arcgis_earth 1 arcgis_for_desktop 1 arcgis_for_engine 1 arcgis_geoevent_server 1 arcgis_quickcapture 1 arcgisruntime_sdk 1 arcpad 1

Quick Filters

Critical CVEs With Exploits In CISA KEV

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy