85 matches found
CVE-2022-35903
An issue was discovered in Bentley MicroStation before 10.17.0.x and Bentley View before 10.17.0.x. Using an affected version of MicroStation or MicroStation-based application to open a 3DS file containing crafted data can force an out-of-bounds read. Exploitation of these vulnerabilities within...
EUVD-2021-21558
Malware in sbrugna...
EUVD-2021-21542
Malware in sbrugna...
EUVD-2022-32761
Malicious code in bioql PyPI...
EUVD-2021-33271
Malicious code in bioql PyPI...
EUVD-2021-33299
Malicious code in bioql PyPI...
CVE-2022-28309
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.16.02.022. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...
CVE-2021-34901
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...
CVE-2021-46587
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...
CVE-2021-34880
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...
CVE-2024-11578
The CVE-2024-11578 entry affects Luxion KeyShot, specifically a vulnerability in 3DS file parsing. The issue is a stack-based buffer overflow caused by insufficient validation of the length of user-supplied data before copying it to a stack buffer, enabling arbitrary code execution. Exploitation ...
CVE-2024-11576
Luxion KeyShot is affected by a heap-based buffer overflow in 3DS file parsing, enabling remote code execution. The flaw arises from insufficient validation of the length of user-supplied data before copying to a heap buffer. Exploitation requires user interaction (visiting a malicious page or op...
CVE-2023-34290
Ashlar-Vellum Cobalt Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a maliciou...
CVE-2023-34290
Ashlar-Vellum Cobalt contains an out-of-bounds write vulnerability in the 3DS file parsing path that can lead to remote code execution. The flaw arises from insufficient validation of user-supplied data, allowing a write past the end of an allocated buffer. Exploitation requires user interaction ...
Ashlar-Vellum Cobalt Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing o...
CVE-2022-28309
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.16.02.022. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...
CVE-2022-28308
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.16.02.022. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...
Design/Logic Flaw
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.16.02.022. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...
CVE-2022-28309
Bentley View 10.16.02.022 is affected by a parsing flaw in 3DS files that can trigger an out-of-bounds read in the allocated buffer. The vulnerability, associated with ZDI-CAN-16308, requires user interaction (victim opens a malicious file/page). Exploitation could lead to arbitrary code executio...
CVE-2022-28308
CVE-2022-28308 affects Bentley View 10.16.02.022. The issue is in parsing 3DS files, where crafted data can trigger a read past the end of an allocated buffer. This could disclose sensitive information and, in conjunction with other vulnerabilities, allow arbitrary code execution in the current p...