CVE-2022-35903

An issue was discovered in Bentley MicroStation before 10.17.0.x and Bentley View before 10.17.0.x. Using an affected version of MicroStation or MicroStation-based application to open a 3DS file containing crafted data can force an out-of-bounds read. Exploitation of these vulnerabilities within...

EUVD-2021-21558

Malware in sbrugna...

EUVD-2021-21542

Malware in sbrugna...

EUVD-2021-33299

Malicious code in bioql PyPI...

EUVD-2022-32761

Malicious code in bioql PyPI...

EUVD-2021-33271

Malicious code in bioql PyPI...

CVE-2022-28309

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.16.02.022. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

CVE-2021-34901

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

CVE-2021-46587

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

CVE-2021-34880

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

CVE-2024-11578

The CVE-2024-11578 entry affects Luxion KeyShot, specifically a vulnerability in 3DS file parsing. The issue is a stack-based buffer overflow caused by insufficient validation of the length of user-supplied data before copying it to a stack buffer, enabling arbitrary code execution. Exploitation ...

CVE-2024-11576

Luxion KeyShot is affected by a heap-based buffer overflow in 3DS file parsing, enabling remote code execution. The flaw arises from insufficient validation of the length of user-supplied data before copying to a heap buffer. Exploitation requires user interaction (visiting a malicious page or op...

CVE-2023-34290

Ashlar-Vellum Cobalt Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a maliciou...

CVE-2023-34290

Ashlar-Vellum Cobalt contains an out-of-bounds write vulnerability in the 3DS file parsing path that can lead to remote code execution. The flaw arises from insufficient validation of user-supplied data, allowing a write past the end of an allocated buffer. Exploitation requires user interaction ...

Ashlar-Vellum Cobalt Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing o...

CVE-2022-28308

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.16.02.022. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

CVE-2022-28309

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.16.02.022. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

Design/Logic Flaw

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.16.02.022. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

CVE-2022-28309

Bentley View 10.16.02.022 is affected by a parsing flaw in 3DS files that can trigger an out-of-bounds read in the allocated buffer. The vulnerability, associated with ZDI-CAN-16308, requires user interaction (victim opens a malicious file/page). Exploitation could lead to arbitrary code executio...

CVE-2022-28312

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.02.034. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific fla...