154 matches found
CVE-2021-46611
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...
CVE-2021-46575
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...
CVE-2022-28647
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.2.034. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...
CVE-2022-28641
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.02.34. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...
CVE-2022-28314
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.02.34. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...
CVE-2022-28641
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.02.34. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...
CVE-2022-28306
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.02.034. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...
CVE-2022-28311
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.02.034. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...
Design/Logic Flaw
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.02.034. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...
Stack overflow
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.02.034. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...
Design/Logic Flaw
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.02.34. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...
Design/Logic Flaw
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.02.34. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...
Design/Logic Flaw
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.02.34. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...
CVE-2022-28647
Bentley MicroStation CONNECT 10.16.2.034 is affected by CVE-2022-28647 due to an out-of-bounds read in IFC file parsing. Crafted IFC data can trigger a read past the end of an allocated buffer, allowing remote code execution in the context of the current process. User interaction is required (vis...
CVE-2022-28311
Bentley MicroStation CONNECT 10.16.02.034 is affected by CVE-2022-28311 due to an out-of-bounds read in DXF file parsing, allowing remote code execution after user interaction (visiting a malicious page or opening a malicious file). The issue originates from crafted DXF data triggering a read pas...
CVE-2022-28316
Bentley MicroStation CONNECT 10.16.02.34 is affected by an out-of-bounds write in the IFC file parsing logic. Crafted data in an IFC file can trigger a write past the end of an allocated buffer, enabling remote code execution in the context of the current process. User interaction is required (ta...
CVE-2022-28305
Bentley MicroStation CONNECT 10.16.02.034 is affected by CVE-2022-28305 due to a stack-based buffer overflow in OBJ file parsing. The flaw arises from insufficient validation of user-supplied data length before copying to a fixed-length buffer, enabling arbitrary code execution when a user opens ...
CVE-2022-28642
CVE-2022-28642 affects Bentley MicroStation CONNECT 10.16.02.34. The vulnerability is in the parsing of DGN files, where crafted data can trigger a write-past-the-end of an allocated buffer, allowing code execution in the context of the current process. Exploitation requires user interaction (tar...
CVE-2022-28313
CVE-2022-28313 affects Bentley MicroStation CONNECT 10.16.02.034. The vulnerability lies in 3DS file parsing, where crafted data can trigger a read past the end of an allocated buffer, leading to information disclosure. Some sources also indicate the vulnerability could be leveraged with other is...
CVE-2022-28317
CVE-2022-28317 affects Bentley MicroStation CONNECT 10.16.02.34. The root cause is an uninitialized memory access during IFC file parsing, enabling remote code execution when a user opens a malicious file or visits a crafted page. Impact is described as arbitrary code execution in the context of ...