Esri

ArcGIS Server

67 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.1

CVE-2026-2813

  • EPSS 0.3%
  • Veröffentlicht 20.05.2026 17:51:51
  • Zuletzt bearbeitet 21.05.2026 18:54:30

ArcGIS Server contains an input validation weakness in the login redirection workflow. An Authenticated attacker could exploit this issue by sending a specially crafted request, Successful exploitation may result in the application redirecting the br...

5.3

CVE-2026-2812

  • EPSS 0.36%
  • Veröffentlicht 20.05.2026 17:47:40
  • Zuletzt bearbeitet 21.05.2026 18:56:21

ArcGIS Server contains an improper authentication vulnerability in an undocumented administrative endpoint. An unauthenticated attacker could exploit this issue by sending a crafted request to the endpoint. Successful exploitation may result in disru...

6.1

CVE-2025-67711

  • EPSS 0.2%
  • Veröffentlicht 31.12.2025 22:18:57
  • Zuletzt bearbeitet 06.01.2026 19:03:34

There is a stored cross site scripting issue in Esri ArcGIS Server 11.4 and earlier on Windows and Linux that in some configurations allows a remote unauthenticated attacker to store files that contain malicious code that may execute in the context o...

6.1

CVE-2025-67710

  • EPSS 0.2%
  • Veröffentlicht 31.12.2025 22:18:17
  • Zuletzt bearbeitet 06.01.2026 19:04:06

There is a stored cross site scripting issue in Esri ArcGIS Server 11.4 and earlier on Windows and Linux that in some configurations allows a remote unauthenticated attacker to store files that contain malicious code that may execute in the context o...

6.1

CVE-2025-67709

  • EPSS 0.2%
  • Veröffentlicht 31.12.2025 22:17:41
  • Zuletzt bearbeitet 06.01.2026 19:04:27

There is a stored cross site scripting issue in Esri ArcGIS Server 11.4 and earlier on Windows and Linux that in some configurations allows a remote unauthenticated attacker to store files that contain malicious code that may execute in the context o...

6.1

CVE-2025-67708

  • EPSS 0.2%
  • Veröffentlicht 31.12.2025 22:17:08
  • Zuletzt bearbeitet 06.01.2026 19:04:52

There is a stored cross site scripting issue in Esri ArcGIS Server 11.4 and earlier on Windows and Linux that in some configurations allows a remote unauthenticated attacker to store files that contain malicious code that may execute in the context o...

5.6

CVE-2025-67707

  • EPSS 0.25%
  • Veröffentlicht 31.12.2025 22:16:14
  • Zuletzt bearbeitet 20.02.2026 14:48:33

ArcGIS Server versions 11.5 and earlier on Windows and Linux do not sufficiently validate uploaded files, enabling a remote unauthenticated attacker to upload arbitrary files to the server’s designated upload directories. However, the server’s archi...

5.6

CVE-2025-67706

  • EPSS 0.33%
  • Veröffentlicht 31.12.2025 22:15:44
  • Zuletzt bearbeitet 19.02.2026 21:29:24

ArcGIS Server versions 11.5 and earlier on Windows and Linux do not sufficiently validate uploaded files, enabling a remote unauthenticated attacker to upload arbitrary files to the server’s designated upload directories. However, the server’s archi...

6.1

CVE-2025-67705

  • EPSS 0.19%
  • Veröffentlicht 31.12.2025 22:15:05
  • Zuletzt bearbeitet 06.01.2026 19:09:08

There is a stored cross site scripting issue in Esri ArcGIS Server 11.4 and earlier on Windows and Linux that in some configurations allows a remote unauthenticated attacker to store files that contain malicious code that may execute in the context o...

6.1

CVE-2025-67704

  • EPSS 0.2%
  • Veröffentlicht 31.12.2025 22:14:32
  • Zuletzt bearbeitet 06.01.2026 19:14:39

There is a stored cross site scripting issue in Esri ArcGIS Server 11.4 and earlier on Windows and Linux that in some configurations allows a remote unauthenticated attacker to store files that contain malicious code that may execute in the context o...