4.8

CVSS3.1

CVE-2025-57871 - BUG-000174020 -Β Reflected XSS vulnerability identified in Portal for ArcGIS. (11.3, 11.1, 10.9.1)

There is a reflected cross site scripting vulnerability in Esri Portal for ArcGIS 11.4 and below that may allow a remote authenticated attacker with administrative access to supply a crafted string which would execute arbitrary JavaScript code in the browser.

πŸ“… Published: Sept. 29, 2025, 6:39 p.m. πŸ”„ Last Modified: Oct. 17, 2025, 2:08 p.m.

6.1

CVSS3.1

CVE-2025-57872 - BUG-000174150 - Unvalidated redirect in Portal for ArcGIS.

There is an unvalidated redirect vulnerability in Esri Portal for ArcGIS 11.4 and below that may allow a remote, unauthenticated attacker to craft a URL that could redirect a victim to an arbitrary website, simplifying phishing attacks.

πŸ“… Published: Sept. 29, 2025, 6:38 p.m. πŸ”„ Last Modified: Oct. 17, 2025, 2:14 p.m.

4.8

CVSS3.1

CVE-2025-57873 - BUG-000175222 - Reflected XSS vulnerability in Portal for ArcGIS.

There is a reflected cross site scripting vulnerability in Esri Portal for ArcGIS 11.4 and below that may allow a remote authenticated attacker with administrative access to supply a crafted string which would execute arbitrary JavaScript code in the browser.

πŸ“… Published: Sept. 29, 2025, 6:37 p.m. πŸ”„ Last Modified: Oct. 17, 2025, 2:14 p.m.

4.8

CVSS3.1

CVE-2025-57874 - BUG-000161627 -Β Reflected XSS vulnerability in Portal for ArcGIS.Β  (11.3, 11.1, 10.9.1)

There is a reflected cross site scripting vulnerability in Esri Portal for ArcGIS 11.4 and below that may allow a remote authenticated attacker with administrative access to supply a crafted string which would execute arbitrary JavaScript code in the browser.

πŸ“… Published: Sept. 29, 2025, 6:37 p.m. πŸ”„ Last Modified: Oct. 17, 2025, 2:14 p.m.

4.8

CVSS3.1

CVE-2025-57875 - BUG-000164122 - Reflected XSS vulnerability in Portal for ArcGIS.

There is a reflected cross site scripting vulnerability in Esri Portal for ArcGIS 11.4 and below that may allow a remote authenticated attacker with administrative access to supply a crafted string which would execute arbitrary JavaScript code in the browser.

πŸ“… Published: Sept. 29, 2025, 6:35 p.m. πŸ”„ Last Modified: Oct. 17, 2025, 2:14 p.m.

4.8

CVSS3.1

CVE-2025-57877 - Reflected XSS vulnerability in Portal for ArcGIS.

There is a reflected cross site scripting vulnerability in Esri Portal for ArcGIS 11.4 and below that may allow a remote authenticated attacker with administrative access to supply a crafted string which would execute arbitrary JavaScript code in the browser.

πŸ“… Published: Sept. 29, 2025, 6:34 p.m. πŸ”„ Last Modified: Oct. 17, 2025, 2:15 p.m.

6.1

CVSS3.1

CVE-2025-57878 - BUG-000174149 -Β The Portal for ArcGIS has an unvalidated redirect.

There is an unvalidated redirect vulnerability in Esri Portal for ArcGIS 11.4 and below that may allow a remote, unauthenticated attacker to craft a URL that could redirect a victim to an arbitrary website, simplifying phishing attacks.

πŸ“… Published: Sept. 29, 2025, 6:33 p.m. πŸ”„ Last Modified: Oct. 17, 2025, 2:15 p.m.

6.1

CVSS3.1

CVE-2025-57879 - BUG-000171009 -Β URL manipulation vulnerability in Portal for ArcGIS.

There is an unvalidated redirect vulnerability in Esri Portal for ArcGIS 11.4 and below that may allow a remote, unauthenticated attacker to craft a URL that could redirect a victim to an arbitrary website, simplifying phishing attacks.

πŸ“… Published: Sept. 29, 2025, 6:33 p.m. πŸ”„ Last Modified: Oct. 17, 2025, 2:15 p.m.

4.8

CVSS3.1

CVE-2025-57876 - Stored XSS vulnerability in Portal for ArcGIS

There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS 11.4 and below that may allow a remote, authenticated attacker to inject malicious a file with an embedded xss script which when loaded could potentially execute arbitrary JavaScript code in the victim’s browser. The p…

πŸ“… Published: Sept. 29, 2025, 6:32 p.m. πŸ”„ Last Modified: Oct. 17, 2025, 2:15 p.m.

4.9

CVSS3.1

CVE-2025-36099 - IBM WebSphere Application Server denial of service

IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to a denial of service, caused by sending a specially-crafted request. A privileged user could exploit this vulnerability to cause the server to consume memory resources.

πŸ“… Published: Sept. 29, 2025, 6:20 p.m. πŸ”„ Last Modified: Oct. 3, 2025, 5:54 p.m.
Total resulsts: 349182
Page 3643 of 34,919
Β« previous page Β» next page
Filters