| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-51954 | Unauthorized access to secure services in ArcGIS Server | Esri | ArcGIS Server | High | 8.5 | 2025-03-03 19:53:21 | Deep Dive |
| CVE-2024-51953 | Stored XSS in ArcGIS Server Rest services | Esri | ArcGIS Server | Medium | 4.8 | 2025-03-03 19:53:12 | Deep Dive |
| CVE-2024-51952 | Stored XSS issue in ArcGIS Server | Esri | ArcGIS Server | Medium | 4.8 | 2025-03-03 19:53:02 | Deep Dive |
| CVE-2024-51951 | Stored XSS in Server Admin API | Esri | ArcGIS Server | Medium | 4.8 | 2025-03-03 19:52:51 | Deep Dive |
| CVE-2024-51950 | Stored XSS in Server Admin under Services > lifecycleinfos | Esri | ArcGIS Server | Medium | 4.8 | 2025-03-03 19:39:25 | Deep Dive |
| CVE-2024-51949 | Stored XSS vulnerability in Rest Services under OGCFeature Service and Map Service | Esri | ArcGIS Server | Medium | 4.8 | 2025-03-03 19:39:14 | Deep Dive |
| CVE-2024-51948 | Stored XSS vulnerability in Rest Services under Job ID | Esri | ArcGIS Server | Medium | 4.8 | 2025-03-03 19:38:57 | Deep Dive |
| CVE-2024-51947 | Stored XSS vulnerability in Rest Services under Layer name | Esri | ArcGIS Server | Medium | 4.8 | 2025-03-03 19:38:46 | Deep Dive |
| CVE-2024-51946 | Stored XSS in Rest Services Directory under Identify operation | Esri | ArcGIS Server | Medium | 4.8 | 2025-03-03 19:38:36 | Deep Dive |
| CVE-2024-51945 | Stored XSS issues in Server Admin API | Esri | ArcGIS Server | Medium | 4.8 | 2025-03-03 19:38:22 | Deep Dive |
| CVE-2024-51944 | Stored XSS in Rest Services Directory | Esri | ArcGIS Server | Medium | 4.8 | 2025-03-03 19:38:11 | Deep Dive |
| CVE-2024-51942 | Stored XSS vulnerability in Rest Admin API under Hosted Feature Services page | Esri | ArcGIS Server | Medium | 4.8 | 2025-03-03 19:37:31 | Deep Dive |
| CVE-2024-10904 | Stored XSS in Server Admin API | Esri | ArcGIS Server | Medium | 4.8 | 2025-03-03 19:37:16 | Deep Dive |
| CVE-2024-5888 | Stored XSS in Rest Services API for a Toolbox published as GP Service | Esri | ArcGIS Server | Medium | 4.8 | 2025-03-03 19:36:57 | Deep Dive |
| CVE-2025-1726 | [#BUG-000172669 ArcGIS Monitor has a security vulnerability] | Esri | ArcGIS Monitor | Medium | 4.3 | 2025-02-26 19:28:51 | Deep Dive |
| CVE-2025-1068 | There is a code injection vulnerability in Esri ArcGIS AllSource | Esri | ArcGIS AllSource | High | 7.3 | 2025-02-25 16:26:18 | Deep Dive |
| CVE-2025-1067 | There is a code injection vulnerability in ArcGIS Pro | Esri | ArcGIS Pro | High | 7.3 | 2025-02-25 16:26:04 | Deep Dive |
| CVE-2024-38040 | BUG-000167984 - Portal for ArcGIS has a Local file inclusion (LFI) vulnerability | Esri | Portal for ArcGIS | High | 7.5 | 2024-10-04 18:04:02 | Deep Dive |
| CVE-2024-38038 | BUG-000165732 - Reflected XSS in Portal for ArcGIS | Esri | Portal for ArcGIS | Medium | 6.1 | 2024-10-04 17:19:24 | Deep Dive |
| CVE-2024-25691 | BUG-000165286 - Reflected XSS in Portal for ArcGIS | Esri | Portal for ArcGIS | Medium | 6.1 | 2024-10-04 17:18:53 | Deep Dive |