Lucene search
K

379 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 6:56 p.m.17 views

CVE-2021-46646

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

7.8CVSS6.9AI score0.02087EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 6:56 p.m.10 views

CVE-2021-46651

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...

5.5CVSS6AI score0.01678EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 6:56 p.m.5 views

CVE-2021-46589

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...

5.5CVSS6AI score0.01699EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 6:54 p.m.9 views

CVE-2021-46648

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

7.8CVSS6.8AI score0.02087EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 6:54 p.m.7 views

CVE-2021-46639

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

7.8CVSS6.9AI score0.02087EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 6:37 p.m.9 views

CVE-2021-32946

An improper check for unusual or exceptional conditions issue exists within the parsing DGN files from Drawings SDK Version 2022.4 and prior resulting from the lack of proper validation of the user-supplied data. This may result in several of out-of-bounds problems and allow attackers to cause a...

7.8CVSS7.1AI score0.02801EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:37 p.m.7 views

CVE-2021-34914

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

7.8CVSS6.9AI score0.02113EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/06 5:8 a.m.9 views

CVE-2021-46638

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

7.8CVSS6.8AI score0.02068EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/02/06 5:7 a.m.18 views

CVE-2021-46575

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

7.8CVSS6.8AI score0.0237EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/02/05 11:45 p.m.14 views

CVE-2022-41613

Bentley Systems MicroStation Connect versions 10.17.0.209 and prior are vulnerable to an Out-of-Bounds Read when when parsing DGN files, which may allow an attacker to crash the product, disclose sensitive information, or execute arbitrary code...

7.8CVSS7.2AI score0.0023EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 8:54 p.m.13 views

CVE-2022-28643

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.02.34. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

7.8CVSS6.8AI score0.00938EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 8:50 p.m.13 views

CVE-2022-28644

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.02.34. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

7.8CVSS6.8AI score0.00938EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 8:47 p.m.22 views

CVE-2022-28642

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.02.34. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

7.8CVSS6.8AI score0.00938EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2024/11/08 2:2 p.m.100 views

AndroxGh0st Malware Integrates Mozi Botnet to Target IoT and Cloud Services

The threat actors behind the AndroxGh0st malware are now exploiting a broader set of security flaws impacting various internet-facing applications, while also deploying the Mozi botnet malware. "This botnet utilizes remote code execution and credential-stealing methods to maintain persistent...

10CVSS10AI score0.99999EPSS
Exploits367
NVD
NVD
added 2023/12/26 9:15 a.m.23 views

CVE-2023-5180

An issue was discovered in Open Design Alliance Drawings SDK before 2024.12. A corrupted value of number of sectors used by the Fat structure in a crafted DGN file leads to an out-of-bounds write. An attacker can leverage this vulnerability to execute code in the context of the current process...

7.8CVSS0.00192EPSS
Exploits0References1
OSV
OSV
added 2023/12/26 9:15 a.m.3 views

CVE-2023-5180

An issue was discovered in Open Design Alliance Drawings SDK before 2024.12. A corrupted value of number of sectors used by the Fat structure in a crafted DGN file leads to an out-of-bounds write. An attacker can leverage this vulnerability to execute code in the context of the current process...

7.8CVSS5.8AI score0.00192EPSS
Exploits0References1
Prion
Prion
added 2023/12/26 9:15 a.m.16 views

Design/Logic Flaw

An issue was discovered in Open Design Alliance Drawings SDK before 2024.12. A corrupted value of number of sectors used by the Fat structure in a crafted DGN file leads to an out-of-bounds write. An attacker can leverage this vulnerability to execute code in the context of the current process...

4.4CVSS6.8AI score0.00192EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/12/26 8:35 a.m.48 views

CVE-2023-5180

CVE-2023-5180 affects the Open Design Alliance Drawings SDK prior to 2024.12. A crafted DGN file can trigger an out-of-bounds write by corrupting the value of the number of sectors in the Fat structure, enabling code execution in the current process. The connected sources (e.g., PT-2023-31894, CI...

7.8CVSS7.4AI score0.00192EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/12/26 8:35 a.m.41 views

CVE-2023-5180 Out-of-bounds Write vulnerability exists in ODA Drawings SDK before 2024.12

An issue was discovered in Open Design Alliance Drawings SDK before 2024.12. A corrupted value of number of sectors used by the Fat structure in a crafted DGN file leads to an out-of-bounds write. An attacker can leverage this vulnerability to execute code in the context of the current process...

7.8CVSS7.6AI score0.00192EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/12/26 12:0 a.m.6 views

PT-2023-31894 · Open Design Alliance · Open Design Alliance Drawings Sdk

Name of the Vulnerable Software and Affected Versions: Open Design Alliance Drawings SDK versions prior to 2024.12 Description: An issue was discovered in the Open Design Alliance Drawings SDK where a corrupted value of the number of sectors used by the Fat structure in a crafted DGN file leads t...

7.8CVSS7.5AI score0.00192EPSS
Exploits0References8
Rows per page
Query Builder