Esri

ArcGIS Server

65 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.1

CVE-2025-67711

  • EPSS 0.05%
  • Veröffentlicht 31.12.2025 22:18:57
  • Zuletzt bearbeitet 06.01.2026 19:03:34

There is a stored cross site scripting issue in Esri ArcGIS Server 11.4 and earlier on Windows and Linux that in some configurations allows a remote unauthenticated attacker to store files that contain malicious code that may execute in the context o...

6.1

CVE-2025-67710

  • EPSS 0.05%
  • Veröffentlicht 31.12.2025 22:18:17
  • Zuletzt bearbeitet 06.01.2026 19:04:06

There is a stored cross site scripting issue in Esri ArcGIS Server 11.4 and earlier on Windows and Linux that in some configurations allows a remote unauthenticated attacker to store files that contain malicious code that may execute in the context o...

6.1

CVE-2025-67709

  • EPSS 0.05%
  • Veröffentlicht 31.12.2025 22:17:41
  • Zuletzt bearbeitet 06.01.2026 19:04:27

There is a stored cross site scripting issue in Esri ArcGIS Server 11.4 and earlier on Windows and Linux that in some configurations allows a remote unauthenticated attacker to store files that contain malicious code that may execute in the context o...

6.1

CVE-2025-67708

  • EPSS 0.05%
  • Veröffentlicht 31.12.2025 22:17:08
  • Zuletzt bearbeitet 06.01.2026 19:04:52

There is a stored cross site scripting issue in Esri ArcGIS Server 11.4 and earlier on Windows and Linux that in some configurations allows a remote unauthenticated attacker to store files that contain malicious code that may execute in the context o...

5.6

CVE-2025-67707

  • EPSS 0.28%
  • Veröffentlicht 31.12.2025 22:16:14
  • Zuletzt bearbeitet 20.02.2026 14:48:33

ArcGIS Server versions 11.5 and earlier on Windows and Linux do not sufficiently validate uploaded files, enabling a remote unauthenticated attacker to upload arbitrary files to the server’s designated upload directories. However, the server’s archi...

5.6

CVE-2025-67706

  • EPSS 0.09%
  • Veröffentlicht 31.12.2025 22:15:44
  • Zuletzt bearbeitet 19.02.2026 21:29:24

ArcGIS Server versions 11.5 and earlier on Windows and Linux do not sufficiently validate uploaded files, enabling a remote unauthenticated attacker to upload arbitrary files to the server’s designated upload directories. However, the server’s archi...

6.1

CVE-2025-67705

  • EPSS 0.05%
  • Veröffentlicht 31.12.2025 22:15:05
  • Zuletzt bearbeitet 06.01.2026 19:09:08

There is a stored cross site scripting issue in Esri ArcGIS Server 11.4 and earlier on Windows and Linux that in some configurations allows a remote unauthenticated attacker to store files that contain malicious code that may execute in the context o...

6.1

CVE-2025-67704

  • EPSS 0.05%
  • Veröffentlicht 31.12.2025 22:14:32
  • Zuletzt bearbeitet 06.01.2026 19:14:39

There is a stored cross site scripting issue in Esri ArcGIS Server 11.4 and earlier on Windows and Linux that in some configurations allows a remote unauthenticated attacker to store files that contain malicious code that may execute in the context o...

6.1

CVE-2025-67703

  • EPSS 0.05%
  • Veröffentlicht 31.12.2025 22:13:12
  • Zuletzt bearbeitet 06.01.2026 19:15:11

There is a stored cross site scripting issue in Esri ArcGIS Server 11.4 and earlier on Windows and Linux that in some configurations allows a remote unauthenticated attacker to store files that contain malicious code that may execute in the context o...

10

CVE-2025-57870

  • EPSS 0.32%
  • Veröffentlicht 22.10.2025 14:26:22
  • Zuletzt bearbeitet 31.10.2025 18:51:22

A SQL Injection vulnerability exists in Esri ArcGIS Server versions 11.3, 11.4 and 11.5 on Windows, Linux and Kubernetes. This vulnerability allows a remote, unauthenticated attacker to execute arbitrary SQL commands via a specific ArcGIS Feature Ser...