Lucene search
+L

380 matches found

vulnrichment
vulnrichment
added 2023/03/29 12:0 a.m.5 views

CVE-2022-28643

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.02.34. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

7.8CVSS7.8AI score0.00938EPSS
Exploits0References2
cve
cve
added 2023/03/29 12:0 a.m.45 views

CVE-2022-28642

CVE-2022-28642 affects Bentley MicroStation CONNECT 10.16.02.34. The vulnerability is in the parsing of DGN files, where crafted data can trigger a write-past-the-end of an allocated buffer, allowing code execution in the context of the current process. Exploitation requires user interaction (tar...

7.8CVSS7.8AI score0.00938EPSS
Exploits0References2Affected Software2
cve
cve
added 2023/03/29 12:0 a.m.39 views

CVE-2022-28645

Bentley MicroStation CONNECT 10.16.02.34 is affected by a DGN file parsing out-of-bounds read that can disclose sensitive information. The flaw allows an attacker to trigger a read past the end of an allocated buffer and, in conjunction with other vulnerabilities, may lead to arbitrary code execu...

5.5CVSS4AI score0.00613EPSS
Exploits0References2Affected Software2
cve
cve
added 2023/03/29 12:0 a.m.44 views

CVE-2022-28644

CVE-2022-28644 affects Bentley MicroStation CONNECT 10.16.02.34. A flaw in DGN file parsing can trigger a write past the end of an allocated buffer, enabling remote code execution. User interaction is required (visit a malicious page/file). Connected advisories (ZDI-22-611) confirm the out-of-bou...

7.8CVSS7.8AI score0.00938EPSS
Exploits0References2Affected Software2
cve
cve
added 2023/03/29 12:0 a.m.49 views

CVE-2022-28643

CVE-2022-28643 affects Bentley MicroStation CONNECT 10.16.02.34. The vulnerability arises from the parsing of DGN files; crafted data can trigger a write past the end of an allocated buffer, allowing remote code execution in the current process. User interaction is required (visiting a malicious ...

7.8CVSS7.8AI score0.00938EPSS
Exploits0References2Affected Software2
cvelist
cvelist
added 2023/03/29 12:0 a.m.40 views

CVE-2022-28642

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.02.34. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

7.8CVSS8AI score0.00938EPSS
Exploits0References2
cvelist
cvelist
added 2023/03/29 12:0 a.m.34 views

CVE-2022-28644

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.02.34. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

7.8CVSS8AI score0.00938EPSS
Exploits0References2
cvelist
cvelist
added 2023/03/29 12:0 a.m.34 views

CVE-2022-28643

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.02.34. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

7.8CVSS8AI score0.00938EPSS
Exploits0References2
cvelist
cvelist
added 2023/03/29 12:0 a.m.30 views

CVE-2022-28645

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.02.34. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...

3.3CVSS5.5AI score0.00613EPSS
Exploits0References2
zdi
zdi
added 2023/02/24 12:0 a.m.34 views

Open Design Alliance (ODA) Drawing SDK DGN File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Open Design Alliance ODA Drawing SDK. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with...

7.8CVSS5.6AI score0.00814EPSS
Exploits0References1
zdi
zdi
added 2023/02/09 12:0 a.m.22 views

Open Design Alliance (ODA) Drawing SDK DGN File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Open Design Alliance ODA Drawing SDK. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with...

7.8CVSS5.2AI score0.02668EPSS
Exploits0References1
zdi
zdi
added 2023/02/09 12:0 a.m.26 views

Open Design Alliance (ODA) Drawing SDK DGN File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Open Design Alliance ODA Drawing SDK. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with...

7.8CVSS6.3AI score0.02801EPSS
Exploits0References1
zdi
zdi
added 2023/02/09 12:0 a.m.37 views

Open Design Alliance (ODA) Drawing SDK DGN File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Open Design Alliance ODA Drawing SDK. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with...

7.8CVSS5.5AI score0.02705EPSS
Exploits0References1
zdi
zdi
added 2023/02/09 12:0 a.m.22 views

Open Design Alliance (ODA) Drawing SDK DGN File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Open Design Alliance ODA Drawing SDK. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with...

7.8CVSS5.5AI score0.01405EPSS
Exploits0References1
zdi
zdi
added 2023/02/09 12:0 a.m.33 views

Open Design Alliance (ODA) Drawing SDK DGN File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Open Design Alliance ODA Drawing SDK. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with...

7.8CVSS5.2AI score0.02668EPSS
Exploits0References1
osv
osv
added 2023/01/06 10:15 p.m.4 views

CVE-2022-41613

Bentley Systems MicroStation Connect versions 10.17.0.209 and prior are vulnerable to an Out-of-Bounds Read when when parsing DGN files, which may allow an attacker to crash the product, disclose sensitive information, or execute arbitrary code...

7.8CVSS5.9AI score0.0023EPSS
Exploits0References2
nvd
nvd
added 2023/01/06 10:15 p.m.62 views

CVE-2022-41613

Bentley Systems MicroStation Connect versions 10.17.0.209 and prior are vulnerable to an Out-of-Bounds Read when when parsing DGN files, which may allow an attacker to crash the product, disclose sensitive information, or execute arbitrary code...

7.8CVSS7.8AI score0.0023EPSS
Exploits0References2
nvd
nvd
added 2023/01/06 10:15 p.m.26 views

CVE-2022-40201

Bentley Systems MicroStation Connect versions 10.17.0.209 and prior are vulnerable to a Stack-Based Buffer Overflow when a malformed design DGN file is parsed. This may allow an attacker to execute arbitrary code...

7.8CVSS7.9AI score0.00332EPSS
Exploits0References2
osv
osv
added 2023/01/06 10:15 p.m.5 views

CVE-2022-40201

Bentley Systems MicroStation Connect versions 10.17.0.209 and prior are vulnerable to a Stack-Based Buffer Overflow when a malformed design DGN file is parsed. This may allow an attacker to execute arbitrary code...

7.8CVSS6AI score0.00332EPSS
Exploits0References2
prion
prion
added 2023/01/06 10:15 p.m.19 views

Out-of-bounds

Bentley Systems MicroStation Connect versions 10.17.0.209 and prior are vulnerable to an Out-of-Bounds Read when when parsing DGN files, which may allow an attacker to crash the product, disclose sensitive information, or execute arbitrary code...

4.4CVSS7.8AI score0.0023EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder