Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Esri — Vulnerabilities & Security Advisories 147

Browse all 147 CVE security advisories affecting Esri. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by Esri:ArcGIS ServerPortal for ArcGISArcGIS EnterpriseArcReaderPortal for ArcGIS Enterprise SitesArcGIS Enterprise Web App BuilderArcGIS Enterprise ServerPortal for ArcGIS SitesArcGIS QuickcapturePortal for ArcGIS Enterprise Experience BuilderArcGIS ProArcGIS InsightsArcGIS GeoEvent ServerPortal for ArcGIS ArcGIS Enterprise BuilderEnterprise Web App BuilderArcGIS AllSourceArcGIS MonitorArcGIS EarthPortal for ArcGIS Enterprise Experience SitesArcGIS Web AppBuilder {Developer Edition)
CVE IDTitleCVSSSeverityPublished
CVE-2024-51966 Directory traversal vulnerability in ArcGIS Server — ArcGIS ServerCWE-22 4.9 Medium2025-03-03
CVE-2024-51963 Stored XSS in ArcGIS Server Manager — ArcGIS ServerCWE-79 4.8 Medium2025-03-03
CVE-2024-51962 SQL injection vulnerability in ArcGIS Server — ArcGIS ServerCWE-89 8.7 High2025-03-03
CVE-2024-51961 Local file inclusion (LFI) vulnerability in ArcGIS Server — ArcGIS ServerCWE-73 7.5 High2025-03-03
CVE-2024-51960 Stored XSS in ArcGIS Server Administrator Directory — ArcGIS ServerCWE-79 4.8 Medium2025-03-03
CVE-2024-51959 Stored XSS issue in Server Admin API — ArcGIS ServerCWE-79 4.8 Medium2025-03-03
CVE-2024-51958 Directory traversal vulnerability in the admin api for service thumbnails — ArcGIS ServerCWE-22 4.9 Medium2025-03-03
CVE-2024-51957 Stored XSS vulnerability in ArcGIS Rest Services Directory — ArcGIS ServerCWE-79 4.8 Medium2025-03-03
CVE-2024-51956 Stored XSS vulnerability in ArcGIS Server Administrator Directory — ArcGIS ServerCWE-79 4.8 Medium2025-03-03
CVE-2024-51954 Unauthorized access to secure services in ArcGIS Server — ArcGIS ServerCWE-284 8.5 High2025-03-03
CVE-2024-51953 Stored XSS in ArcGIS Server Rest services — ArcGIS ServerCWE-79 4.8 Medium2025-03-03
CVE-2024-51952 Stored XSS issue in ArcGIS Server — ArcGIS ServerCWE-79 4.8 Medium2025-03-03
CVE-2024-51951 Stored XSS in Server Admin API — ArcGIS ServerCWE-79 4.8 Medium2025-03-03
CVE-2024-51950 Stored XSS in Server Admin under Services > lifecycleinfos — ArcGIS ServerCWE-79 4.8 Medium2025-03-03
CVE-2024-51949 Stored XSS vulnerability in Rest Services under OGCFeature Service and Map Service — ArcGIS ServerCWE-79 4.8 Medium2025-03-03
CVE-2024-51948 Stored XSS vulnerability in Rest Services under Job ID — ArcGIS ServerCWE-79 4.8 Medium2025-03-03
CVE-2024-51947 Stored XSS vulnerability in Rest Services under Layer name — ArcGIS ServerCWE-79 4.8 Medium2025-03-03
CVE-2024-51946 Stored XSS in Rest Services Directory under Identify operation — ArcGIS ServerCWE-79 4.8 Medium2025-03-03
CVE-2024-51945 Stored XSS issues in Server Admin API — ArcGIS ServerCWE-79 4.8 Medium2025-03-03
CVE-2024-51944 Stored XSS in Rest Services Directory — ArcGIS ServerCWE-79 4.8 Medium2025-03-03
CVE-2024-51942 Stored XSS vulnerability in Rest Admin API under Hosted Feature Services page — ArcGIS ServerCWE-79 4.8 Medium2025-03-03
CVE-2024-10904 Stored XSS in Server Admin API — ArcGIS ServerCWE-79 4.8 Medium2025-03-03
CVE-2024-5888 Stored XSS in Rest Services API for a Toolbox published as GP Service — ArcGIS ServerCWE-79 4.8 Medium2025-03-03
CVE-2025-1726 [#BUG-000172669 ArcGIS Monitor has a security vulnerability] — ArcGIS MonitorCWE-89 4.3 Medium2025-02-26
CVE-2025-1068 There is a code injection vulnerability in Esri ArcGIS AllSource — ArcGIS AllSourceCWE-426 7.3 High2025-02-25
CVE-2025-1067 There is a code injection vulnerability in ArcGIS Pro — ArcGIS ProCWE-732 7.3 High2025-02-25
CVE-2024-38040 BUG-000167984 - Portal for ArcGIS has a Local file inclusion (LFI) vulnerability — Portal for ArcGISCWE-73 7.5 High2024-10-04
CVE-2024-38038 BUG-000165732 - Reflected XSS in Portal for ArcGIS — Portal for ArcGISCWE-79 6.1 Medium2024-10-04
CVE-2024-25691 BUG-000165286 - Reflected XSS in Portal for ArcGIS — Portal for ArcGISCWE-79 6.1 Medium2024-10-04
CVE-2024-25694 BUG-000163019 - Stored XSS in Portal for ArcGIS — Enterprise Web App BuilderCWE-79 4.8 Medium2024-10-04

This page lists every published CVE security advisory associated with Esri. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.