GCVE - cpe:2.3:a:esri:arcgis_desktop:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:esri:arcgis_desktop:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Esri (`7fc7b1c4-e95b-5bc9-bfb4-4695cd2e3e82`)
Product	Arcgis Desktop (`38261c1c-97a8-550e-b242-4c6984c6f917`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2021-29098`	vulnerable	2026-06-03 14:44:19.642083	ArcGIS general raster security update: uninitialized pointer HIGH (7.8) Multiple uninitialized pointer vulnerabilities when parsing a specially crafted file in Esri ArcReader, ArcGIS Desktop, ArcGIS Engine 10.8.1 (and earlier) and ArcGIS Pro 2.7 (and earlier) allow an unauthenticated attacker to achieve arbitrary code execution in the context of the current user. Published: 2021-03-25T20:37:05.516Z Updated: 2025-04-10T15:22:04.460Z Open on db.gcve.eu Reference links https://www.esri.com/arcgis-blog/products/arcgis/administration/security-advisory-general-raster/ https://www.zerodayinitiative.com/advisories/ZDI-21-361/ https://www.zerodayinitiative.com/advisories/ZDI-21-362/ https://www.zerodayinitiative.com/advisories/ZDI-21-372/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2021-29097`	vulnerable	2026-06-03 14:44:19.641309	ArcGIS general raster security update: buffer overflow HIGH (7.8) Multiple buffer overflow vulnerabilities when parsing a specially crafted file in Esri ArcReader, ArcGIS Desktop, ArcGIS Engine 10.8.1 (and earlier) and ArcGIS Pro 2.7 (and earlier) allow an unauthenticated attacker to achieve arbitrary code execution in the context of the current user. Published: 2021-03-25T20:36:03.915Z Updated: 2024-09-17T03:17:27.744Z Open on db.gcve.eu Reference links https://www.esri.com/arcgis-blog/products/arcgis/administration/security-advisory-general-raster/ https://www.zerodayinitiative.com/advisories/ZDI-21-367/ https://www.zerodayinitiative.com/advisories/ZDI-21-371/ https://www.zerodayinitiative.com/advisories/ZDI-21-364/ https://www.zerodayinitiative.com/advisories/ZDI-21-363/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2021-29096`	vulnerable	2026-06-03 14:44:19.634958	ArcGIS general raster security update: use-after-free HIGH (7.8) A use-after-free vulnerability when parsing a specially crafted file in Esri ArcReader, ArcGIS Desktop, ArcGIS Engine 10.8.1 (and earlier) and ArcGIS Pro 2.7 (and earlier) allows an unauthenticated attacker to achieve arbitrary code execution in the context of the current user. Published: 2021-03-25T18:37:37.051Z Updated: 2024-09-17T03:42:41.962Z Open on db.gcve.eu Reference links https://www.esri.com/arcgis-blog/products/arcgis/administration/security-advisory-general-raster/ https://www.zerodayinitiative.com/advisories/ZDI-21-370/	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.