Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

arcinfo — Vulnerabilities & Security Advisories 12

Browse all 12 CVE security advisories affecting arcinfo. AI-powered Chinese analysis, POCs, and references for each vulnerability.

ArcInfo serves as a comprehensive geographic information system (GIS) platform for spatial data management, analysis, and mapping. Historically, it has been susceptible to multiple remote code execution vulnerabilities, cross-site scripting flaws, and privilege escalation issues, with 12 CVEs documented. Security researchers have identified input validation weaknesses and improper access controls as recurring concerns. While no major public security incidents have been widely reported, the consistent presence of multiple CVEs across versions indicates potential risks for organizations relying on ArcInfo for critical geospatial operations. Users should maintain current patch levels and implement strict input sanitization to mitigate exploitation risks.

Top products by arcinfo: PcVue
CVE IDTitleCVSSSeverityPublished
CVE-2026-1698 HTTP Host header vulnerability in WebClient and WebScheduler web apps — PcVueCWE-644 6.5AIMediumAI2026-02-26
CVE-2026-1697 Use of unsecure cookies for GraphicalData web service and WebClient web app — PcVueCWE-614 7.2AIHighAI2026-02-26
CVE-2026-1696 Missing security HTTP headers — PcVueCWE-79 6.5AIMediumAI2026-02-26
CVE-2026-1695 XSS vulnerability upon unsuccessful authentication — PcVueCWE-79 6.1AIMediumAI2026-02-26
CVE-2026-1694 Server configuration details in HTTP headers — PcVueCWE-201 5.3AIMediumAI2026-02-26
CVE-2026-1693 Use of vulnerable Resource Owner Password Credentials flow — PcVueCWE-1390 9.1AICriticalAI2026-02-26
CVE-2026-1692 Missing origin validation in GraphicalData web service requests — PcVueCWE-1385 5.4AIMediumAI2026-02-26
CVE-2025-9999 Improper validation of payload elements — PcVueCWE-940 9.8AICriticalAI2025-09-05
CVE-2025-9998 Improper validation of packets sequencing — PcVueCWE-754 7.5AIHighAI2025-09-05
CVE-2025-4384 Certificate validity not properly verified — PcVueCWE-298 7.5AIHighAI2025-05-06
CVE-2024-12057 User credentials recorded in log files — PcVueCWE-532 8.1 -2024-12-09
CVE-2024-12056 Client Secret not checked with OAuth Password grant type — PcVueCWE-358 8.8 -2024-12-04

This page lists every published CVE security advisory associated with arcinfo. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.