View

Submit a proposal Propose CVE/GCVE/GHSA reference

Approved changes feed: RSS · Atom

cpe:2.3:a:bentley:view:*:*:*:*:*:*:*:*

part: a version: * update: *

VendorBentley (61f5c3c2-43f8-5e2d-bb69-fe40840daf55)
ProductView (ed815c9c-1cfe-54f5-abb1-0d0de802a3b5)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2023-44430 vulnerable 2026-06-03 14:53:06.733660 Bentley View SKP File Parsing Use-After-Free Remote Code Execution Vulnerability
HIGH (7.8)
Bentley View SKP File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of SKP files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-19067.
Published: 2024-05-03T02:13:56.897Z
Updated: 2024-08-02T20:07:33.102Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-43656 vulnerable 2026-06-03 14:48:15.584048 Bentley View FBX File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
LOW (3.3)
Bentley View FBX File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of FBX files. Crafted data in an FBX file can trigger a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-18492.
Published: 2024-05-07T22:55:01.082Z
Updated: 2024-08-03T13:40:05.639Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-43655 vulnerable 2026-06-03 14:48:15.583651 Bentley View FBX File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
HIGH (7.8)
Bentley View FBX File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of FBX files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18491.
Published: 2024-05-07T22:55:00.105Z
Updated: 2024-08-03T13:40:06.024Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-43653 vulnerable 2026-06-03 14:48:15.574704 Bentley View SKP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
HIGH (7.8)
Bentley View SKP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of SKP files. Crafted data in an SKP file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-19084.
Published: 2024-05-07T22:54:58.166Z
Updated: 2024-08-03T13:40:06.143Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-43652 vulnerable 2026-06-03 14:48:15.573259 Bentley View SKP File Parsing Use-After-Free Information Disclosure Vulnerability
LOW (3.3)
Bentley View SKP File Parsing Use-After-Free Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of SKP files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-18981.
Published: 2024-05-07T22:54:57.232Z
Updated: 2024-08-03T13:40:06.413Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-43651 vulnerable 2026-06-03 14:48:15.572832 Bentley View SKP File Parsing Use-After-Free Remote Code Execution Vulnerability
HIGH (7.8)
Bentley View SKP File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of SKP files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18960.
Published: 2024-05-07T22:54:56.217Z
Updated: 2024-08-03T13:40:05.691Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-42901 vulnerable 2026-06-03 14:48:13.217589 Details available
HIGH (7.8)
Bentley MicroStation and MicroStation-based applications may be affected by out-of-bounds and stack overflow issues when opening crafted XMT files. Exploiting these issues could lead to information disclosure and code execution. The fixed versions are 10.17.01.58* for MicroStation and 10.17.01.19* for Bentley View.
Published: 2022-10-13T00:00:00.000Z
Updated: 2025-05-15T17:40:28.433Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-42900 vulnerable 2026-06-03 14:48:13.217200 Details available
HIGH (7.8)
Bentley MicroStation and MicroStation-based applications may be affected by out-of-bounds read issues when opening crafted FBX files. Exploiting these issues could lead to information disclosure and code execution. The fixed versions are 10.17.01.58* for MicroStation and 10.17.01.19* for Bentley View.
Published: 2022-10-13T00:00:00.000Z
Updated: 2025-05-15T17:41:40.786Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-42899 vulnerable 2026-06-03 14:48:13.216715 Details available
HIGH (7.8)
Bentley MicroStation and MicroStation-based applications may be affected by out-of-bounds read and stack overflow issues when opening crafted SKP files. Exploiting these issues could lead to information disclosure and code execution. The fixed versions are 10.17.01.58* for MicroStation and 10.17.01.19* for Bentley View.
Published: 2022-10-13T00:00:00.000Z
Updated: 2025-05-15T17:43:16.698Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-35906 vulnerable 2026-06-03 14:47:39.053117 Details available
LOW (3.3)
An issue was discovered in Bentley MicroStation before 10.17.0.x and Bentley View before 10.17.0.x. Using an affected version of MicroStation or MicroStation-based application to open a DGN file containing crafted data can force an out-of-bounds read. Exploitation of these vulnerabilities within the parsing of DGN files could enable an attacker to read information in the context of the current process.
Published: 2022-07-15T22:45:28.000Z
Updated: 2024-08-03T09:44:22.192Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-35905 vulnerable 2026-06-03 14:47:39.052816 Details available
LOW (3.3)
An issue was discovered in Bentley MicroStation before 10.17.0.x and Bentley View before 10.17.0.x. Using an affected version of MicroStation or MicroStation-based application to open an FBX file containing crafted data can force an out-of-bounds read. Exploitation of these vulnerabilities within the parsing of FBX files could enable an attacker to read information in the context of the current process.
Published: 2022-07-15T22:45:09.000Z
Updated: 2024-08-03T09:44:22.129Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-35904 vulnerable 2026-06-03 14:47:39.052523 Details available
LOW (3.3)
An issue was discovered in Bentley MicroStation before 10.17.0.x and Bentley View before 10.17.0.x. Using an affected version of MicroStation or MicroStation-based application to open an IFC file containing crafted data can force an out-of-bounds read. Exploitation of these vulnerabilities within the parsing of IFC files could enable an attacker to read information in the context of the current process.
Published: 2022-07-15T22:44:56.000Z
Updated: 2024-08-03T09:44:22.178Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-35903 vulnerable 2026-06-03 14:47:39.052228 Details available
LOW (3.3)
An issue was discovered in Bentley MicroStation before 10.17.0.x and Bentley View before 10.17.0.x. Using an affected version of MicroStation or MicroStation-based application to open a 3DS file containing crafted data can force an out-of-bounds read. Exploitation of these vulnerabilities within the parsing of 3DS files could enable an attacker to read information in the context of the current process.
Published: 2022-07-15T22:44:39.000Z
Updated: 2024-08-03T09:44:22.158Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-35902 vulnerable 2026-06-03 14:47:39.051909 Details available
LOW (3.3)
An issue was discovered in Bentley MicroStation before 10.17.0.x and Bentley View before 10.17.0.x. Using an affected version of MicroStation or MicroStation-based application to open an OBJ file containing crafted data can force an out-of-bounds read. Exploitation of these vulnerabilities within the parsing of OBJ files could enable an attacker to read information in the context of the current process.
Published: 2022-07-15T22:42:30.000Z
Updated: 2024-08-03T09:44:22.154Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-35901 vulnerable 2026-06-03 14:47:39.051583 Details available
LOW (3.3)
An issue was discovered in Bentley MicroStation before 10.17.0.x and Bentley View before 10.17.0.x. Using an affected version of MicroStation or MicroStation-based application to open a J2K file containing crafted data can force an out-of-bounds read. Exploitation of these vulnerabilities within the parsing of J2K files could enable an attacker to read information in the context of the current process.
Published: 2022-07-15T22:40:53.000Z
Updated: 2024-08-03T09:44:22.181Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-35900 vulnerable 2026-06-03 14:47:39.051137 Details available
LOW (3.3)
An issue was discovered in Bentley MicroStation before 10.17.0.x and Bentley View before 10.17.0.x. Using an affected version of MicroStation or MicroStation-based application to open a JP2 file containing crafted data can force an out-of-bounds read. Exploitation of these vulnerabilities within the parsing of JP2 files could enable an attacker to read information in the context of the current process.
Published: 2022-07-15T22:40:38.000Z
Updated: 2024-08-03T09:44:22.148Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-28647 vulnerable 2026-06-03 14:46:55.127964 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.2.034. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of IFC files. Crafted data in an IFC file can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-16573.
Published: 2023-03-29T00:00:00.000Z
Updated: 2025-02-18T16:33:47.939Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-28646 vulnerable 2026-06-03 14:46:55.127640 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.2.034. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of IFC files. Crafted data in an IFC file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-16570.
Published: 2023-03-29T00:00:00.000Z
Updated: 2025-02-18T20:07:00.821Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-28645 vulnerable 2026-06-03 14:46:55.127307 Details available
LOW (3.3)
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.02.34. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. Crafted data in a DGN file can trigger a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-16470.
Published: 2023-03-29T00:00:00.000Z
Updated: 2025-02-18T20:07:19.348Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-28644 vulnerable 2026-06-03 14:46:55.126977 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.02.34. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. Crafted data in a DGN file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-16469.
Published: 2023-03-29T00:00:00.000Z
Updated: 2025-02-18T20:07:41.488Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-28643 vulnerable 2026-06-03 14:46:55.126643 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.02.34. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. Crafted data in a DGN file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-16468.
Published: 2023-03-29T00:00:00.000Z
Updated: 2025-02-18T20:08:09.910Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-28642 vulnerable 2026-06-03 14:46:55.126254 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.02.34. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. Crafted data in a DGN file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-16424.
Published: 2023-03-29T00:00:00.000Z
Updated: 2025-02-18T20:08:54.886Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-28641 vulnerable 2026-06-03 14:46:55.125896 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.02.34. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of IFC files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-16390.
Published: 2023-03-29T00:00:00.000Z
Updated: 2025-02-18T20:09:08.714Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-28320 vulnerable 2026-06-03 14:46:54.706853 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.16.02.022. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of 3DM files. The issue results from the lack of proper initialization of memory prior to accessing it. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-16282.
Published: 2023-03-29T00:00:00.000Z
Updated: 2025-02-18T16:58:09.837Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-28319 vulnerable 2026-06-03 14:46:54.706580 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.02.034. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of 3DM files. The issue results from the lack of proper initialization of memory prior to accessing it. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-16340.
Published: 2023-03-29T00:00:00.000Z
Updated: 2025-02-18T17:35:05.854Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-28318 vulnerable 2026-06-03 14:46:54.706255 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.02.34. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of IFC files. Crafted data in an IFC file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-16379.
Published: 2023-03-29T00:00:00.000Z
Updated: 2025-04-04T20:37:23.764Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-28317 vulnerable 2026-06-03 14:46:54.705916 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.02.34. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of IFC files. The issue results from the lack of proper initialization of memory prior to accessing it. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-16369.
Published: 2023-03-29T00:00:00.000Z
Updated: 2025-02-18T16:32:58.090Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-28316 vulnerable 2026-06-03 14:46:54.705600 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.02.34. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of IFC files. Crafted data in an IFC file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-16368.
Published: 2023-03-29T00:00:00.000Z
Updated: 2025-02-18T16:31:37.755Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-28315 vulnerable 2026-06-03 14:46:54.705277 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.02.34. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of IFC files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-16367.
Published: 2023-03-29T00:00:00.000Z
Updated: 2025-02-18T17:34:28.679Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-28314 vulnerable 2026-06-03 14:46:54.704952 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.02.34. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of IFC files. Crafted data in an IFC file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-16332.
Published: 2023-03-29T00:00:00.000Z
Updated: 2025-02-18T17:33:37.482Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-28313 vulnerable 2026-06-03 14:46:54.704624 Details available
LOW (3.3)
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.02.034. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of 3DS files. Crafted data in a 3DS file can trigger a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-16343.
Published: 2023-03-29T00:00:00.000Z
Updated: 2025-02-18T17:32:01.350Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-28312 vulnerable 2026-06-03 14:46:54.704286 Details available
LOW (3.3)
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.02.034. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of 3DS files. Crafted data in a 3DS file can trigger a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-16342.
Published: 2023-03-29T00:00:00.000Z
Updated: 2025-02-18T17:31:29.991Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-28311 vulnerable 2026-06-03 14:46:54.703953 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.02.034. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DXF files. Crafted data in a DXF file can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-16341.
Published: 2023-03-29T00:00:00.000Z
Updated: 2025-02-18T17:31:15.673Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-28310 vulnerable 2026-06-03 14:46:54.703636 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.02.034. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of SKP files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-16339.
Published: 2023-03-29T00:00:00.000Z
Updated: 2025-02-18T17:29:54.315Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-28309 vulnerable 2026-06-03 14:46:54.703284 Details available
LOW (3.3)
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.16.02.022. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of 3DS files. Crafted data in a 3DS file can trigger a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-16308.
Published: 2023-03-29T00:00:00.000Z
Updated: 2025-02-18T17:28:26.120Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-28308 vulnerable 2026-06-03 14:46:54.702967 Details available
LOW (3.3)
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.16.02.022. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of 3DS files. Crafted data in a 3DS file can trigger a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-16307.
Published: 2023-03-29T00:00:00.000Z
Updated: 2025-02-18T17:35:42.600Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-28307 vulnerable 2026-06-03 14:46:54.702667 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.16.02.022. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DXF files. Crafted data in a DXF file can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-16306.
Published: 2023-03-29T00:00:00.000Z
Updated: 2025-02-18T17:25:55.487Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-28306 vulnerable 2026-06-03 14:46:54.702392 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.02.034. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of OBJ files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this to execute code in the context of the current process. Was ZDI-CAN-16174.
Published: 2023-03-29T00:00:00.000Z
Updated: 2025-02-18T17:24:05.217Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-28305 vulnerable 2026-06-03 14:46:54.702066 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.02.034. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of OBJ files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-16172.
Published: 2023-03-29T00:00:00.000Z
Updated: 2025-02-18T17:22:30.402Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-28304 vulnerable 2026-06-03 14:46:54.701740 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.02.034. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of OBJ files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-16171.
Published: 2023-03-29T00:00:00.000Z
Updated: 2025-02-18T17:21:05.212Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-28303 vulnerable 2026-06-03 14:46:54.701364 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.16.02.022. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of SKP files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-16280.
Published: 2023-03-29T00:00:00.000Z
Updated: 2025-02-18T17:19:08.352Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-28302 vulnerable 2026-06-03 14:46:54.701046 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.02.34. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of IFC files. Crafted data in an IFC file can trigger a read past the end of an allocated buffer. An attacker can leverage this to execute code in the context of the current process. Was ZDI-CAN-16446.
Published: 2023-03-29T00:00:00.000Z
Updated: 2025-02-18T17:18:39.747Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-28301 vulnerable 2026-06-03 14:46:54.700634 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.02.34. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of IFC files. Crafted data in an IFC file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-16392.
Published: 2023-03-29T00:00:00.000Z
Updated: 2025-02-18T17:18:00.984Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-28300 vulnerable 2026-06-03 14:46:54.699585 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation 10.16.02.034 CONNECT. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JP2 images. Crafted data in a JP2 file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-16202.
Published: 2023-03-29T00:00:00.000Z
Updated: 2025-02-18T16:59:21.075Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46656 vulnerable 2026-06-03 14:45:44.702630 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15631.
Published: 2022-02-18T19:46:39.000Z
Updated: 2024-08-04T05:10:35.405Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46655 vulnerable 2026-06-03 14:45:44.702307 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15630.
Published: 2022-02-18T19:46:38.000Z
Updated: 2024-08-04T05:10:35.446Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46654 vulnerable 2026-06-03 14:45:44.701989 Details available
LOW (3.3)
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15540.
Published: 2022-02-18T19:46:36.000Z
Updated: 2024-08-04T05:10:35.484Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46653 vulnerable 2026-06-03 14:45:44.701673 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of BMP images. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15539.
Published: 2022-02-18T19:46:35.000Z
Updated: 2024-08-04T05:10:35.485Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46652 vulnerable 2026-06-03 14:45:44.701352 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. Crafted data in a DGN file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15538.
Published: 2022-02-18T19:46:33.000Z
Updated: 2024-08-04T05:10:35.425Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46651 vulnerable 2026-06-03 14:45:44.701055 Details available
LOW (3.3)
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15537.
Published: 2022-02-18T19:46:32.000Z
Updated: 2024-08-04T05:10:35.428Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46650 vulnerable 2026-06-03 14:45:44.700698 Details available
LOW (3.3)
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15536.
Published: 2022-02-18T19:46:31.000Z
Updated: 2024-08-04T05:10:35.351Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46649 vulnerable 2026-06-03 14:45:44.700348 Details available
LOW (3.3)
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15535.
Published: 2022-02-18T19:46:29.000Z
Updated: 2024-08-04T05:10:35.399Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46648 vulnerable 2026-06-03 14:45:44.699991 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15534.
Published: 2022-02-18T19:46:28.000Z
Updated: 2024-08-04T05:10:35.451Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46647 vulnerable 2026-06-03 14:45:44.699626 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of BMP images. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15533.
Published: 2022-02-18T19:46:26.000Z
Updated: 2024-08-04T05:10:35.445Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46646 vulnerable 2026-06-03 14:45:44.699253 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. Crafted data in a DGN file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15532.
Published: 2022-02-18T19:46:25.000Z
Updated: 2024-08-04T05:10:35.485Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46645 vulnerable 2026-06-03 14:45:44.698897 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of BMP images. Crafted data in a BMP image can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15531.
Published: 2022-02-18T19:46:23.000Z
Updated: 2024-08-04T05:10:35.354Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46644 vulnerable 2026-06-03 14:45:44.698541 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. Crafted data in a DGN file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15530.
Published: 2022-02-18T19:46:22.000Z
Updated: 2024-08-04T05:10:35.429Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46643 vulnerable 2026-06-03 14:45:44.698160 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15515.
Published: 2022-02-18T19:46:20.000Z
Updated: 2024-08-04T05:10:35.448Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46642 vulnerable 2026-06-03 14:45:44.697826 Details available
LOW (3.3)
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15514.
Published: 2022-02-18T19:46:19.000Z
Updated: 2024-08-04T05:10:35.446Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46641 vulnerable 2026-06-03 14:45:44.697487 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN file. Crafted data in a DNG file can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15513.
Published: 2022-02-18T19:46:18.000Z
Updated: 2024-08-04T05:10:35.276Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46640 vulnerable 2026-06-03 14:45:44.697166 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. Crafted data in a DGN file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15512.
Published: 2022-02-18T19:46:16.000Z
Updated: 2024-08-04T05:10:35.358Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46639 vulnerable 2026-06-03 14:45:44.696866 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. Crafted data in a DGN file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15511.
Published: 2022-02-18T19:46:15.000Z
Updated: 2024-08-04T05:10:35.332Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46638 vulnerable 2026-06-03 14:45:44.696501 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15510.
Published: 2022-02-18T19:46:13.000Z
Updated: 2024-08-04T05:10:35.404Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46637 vulnerable 2026-06-03 14:45:44.696046 Details available
LOW (3.3)
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15509.
Published: 2022-02-18T19:46:12.000Z
Updated: 2024-08-04T05:10:35.350Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46636 vulnerable 2026-06-03 14:45:44.695695 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. Crafted data in a DGN file can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15508.
Published: 2022-02-18T19:46:10.000Z
Updated: 2024-08-04T05:10:35.379Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46635 vulnerable 2026-06-03 14:45:44.695347 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. Crafted data in a DGN file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15507.
Published: 2022-02-18T19:46:09.000Z
Updated: 2024-08-04T05:10:35.376Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46634 vulnerable 2026-06-03 14:45:44.694968 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15464.
Published: 2022-02-18T19:46:07.000Z
Updated: 2024-08-04T05:10:35.357Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46633 vulnerable 2026-06-03 14:45:44.694611 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15463.
Published: 2022-02-18T19:46:06.000Z
Updated: 2024-08-04T05:10:35.274Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46632 vulnerable 2026-06-03 14:45:44.694229 Details available
LOW (3.3)
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JP2 images. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15462.
Published: 2022-02-18T19:46:04.000Z
Updated: 2024-08-04T05:10:35.256Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46631 vulnerable 2026-06-03 14:45:44.693898 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of TIF images. The issue results from the lack of proper initialization of memory prior to accessing it. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15461.
Published: 2022-02-18T19:46:03.000Z
Updated: 2024-08-04T05:10:35.417Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46630 vulnerable 2026-06-03 14:45:44.693586 Details available
LOW (3.3)
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of FBX files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15460.
Published: 2022-02-18T19:46:01.000Z
Updated: 2024-08-04T05:10:35.264Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46629 vulnerable 2026-06-03 14:45:44.693266 Details available
LOW (3.3)
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of BMP images. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15459.
Published: 2022-02-18T19:46:00.000Z
Updated: 2024-08-04T05:10:35.371Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46628 vulnerable 2026-06-03 14:45:44.692937 Details available
LOW (3.3)
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of BMP images. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15458.
Published: 2022-02-18T19:45:58.000Z
Updated: 2024-08-04T05:10:35.273Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46627 vulnerable 2026-06-03 14:45:44.692610 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DXF files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15457.
Published: 2022-02-18T19:45:57.000Z
Updated: 2024-08-04T05:10:35.269Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46626 vulnerable 2026-06-03 14:45:44.692292 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of J2K images. Crafted data in a J2K image can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15456.
Published: 2022-02-18T19:45:56.000Z
Updated: 2024-08-04T05:10:35.411Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46625 vulnerable 2026-06-03 14:45:44.691970 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of JT files. The issue results from the lack of validating the existence of an object prior to performing further free operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15455.
Published: 2022-02-18T19:45:54.000Z
Updated: 2024-08-04T05:10:35.366Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46624 vulnerable 2026-06-03 14:45:44.691647 Details available
LOW (3.3)
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DWG files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15454.
Published: 2022-02-18T19:45:53.000Z
Updated: 2024-08-04T05:10:35.331Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46623 vulnerable 2026-06-03 14:45:44.691321 Details available
LOW (3.3)
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of 3DS files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15453.
Published: 2022-02-18T19:45:51.000Z
Updated: 2024-08-04T05:10:35.429Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46622 vulnerable 2026-06-03 14:45:44.691026 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of J2K images. Crafted data in a J2K image can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15416.
Published: 2022-02-18T19:45:50.000Z
Updated: 2024-08-04T05:10:35.263Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46621 vulnerable 2026-06-03 14:45:44.690667 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of JT files. The issue results from the lack of validating the existence of an object prior to performing further free operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15415.
Published: 2022-02-18T19:45:48.000Z
Updated: 2024-08-04T05:10:35.362Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46620 vulnerable 2026-06-03 14:45:44.690303 Details available
LOW (3.3)
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of FBX files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15414.
Published: 2022-02-18T19:45:47.000Z
Updated: 2024-08-04T05:10:35.280Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46619 vulnerable 2026-06-03 14:45:44.689940 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF files. Crafted data in a PDF file can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15413.
Published: 2022-02-18T19:45:45.000Z
Updated: 2024-08-04T05:10:35.400Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46618 vulnerable 2026-06-03 14:45:44.689581 Details available
LOW (3.3)
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PNG images. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15412.
Published: 2022-02-18T19:45:44.000Z
Updated: 2024-08-04T05:10:35.374Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46617 vulnerable 2026-06-03 14:45:44.689218 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of TIF images. The issue results from the lack of proper initialization of memory prior to accessing it. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15411.
Published: 2022-02-18T19:45:42.000Z
Updated: 2024-08-04T05:10:35.333Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46616 vulnerable 2026-06-03 14:45:44.688865 Details available
LOW (3.3)
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of BMP images. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15410.
Published: 2022-02-18T19:45:41.000Z
Updated: 2024-08-04T05:10:35.327Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46615 vulnerable 2026-06-03 14:45:44.688426 Details available
LOW (3.3)
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of BMP images. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15409.
Published: 2022-02-18T19:45:40.000Z
Updated: 2024-08-04T05:10:35.349Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46614 vulnerable 2026-06-03 14:45:44.688053 Details available
HIGH (7.8)
Bentley MicroStation CONNECT 10.16.0.80 J2K File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of J2K images. Crafted data in a J2K image can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15408.
Published: 2022-02-18T19:45:38.000Z
Updated: 2024-08-04T05:10:35.370Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46613 vulnerable 2026-06-03 14:45:44.687708 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DXF files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15407.
Published: 2022-02-18T19:45:37.000Z
Updated: 2024-08-04T05:10:35.282Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46612 vulnerable 2026-06-03 14:45:44.687360 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF files. Crafted data in a PDF file can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15406.
Published: 2022-02-18T19:45:35.000Z
Updated: 2024-08-04T05:10:35.332Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46611 vulnerable 2026-06-03 14:45:44.686998 Details available
LOW (3.3)
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JP2 images. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15405.
Published: 2022-02-18T19:45:34.000Z
Updated: 2024-08-04T05:10:35.337Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46610 vulnerable 2026-06-03 14:45:44.686647 Details available
LOW (3.3)
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15404.
Published: 2022-02-18T19:45:32.000Z
Updated: 2024-08-04T05:10:35.329Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46609 vulnerable 2026-06-03 14:45:44.686291 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15403.
Published: 2022-02-18T19:45:31.000Z
Updated: 2024-08-04T05:10:35.279Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46608 vulnerable 2026-06-03 14:45:44.685932 Details available
LOW (3.3)
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DWG files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15402.
Published: 2022-02-18T19:45:30.000Z
Updated: 2024-08-04T05:10:35.366Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46607 vulnerable 2026-06-03 14:45:44.685581 Details available
LOW (3.3)
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of 3DS files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15401.
Published: 2022-02-18T19:45:28.000Z
Updated: 2024-08-04T05:10:35.338Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46606 vulnerable 2026-06-03 14:45:44.685240 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of BMP images. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15400.
Published: 2022-02-18T19:45:27.000Z
Updated: 2024-08-04T05:10:35.322Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46605 vulnerable 2026-06-03 14:45:44.684896 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of BMP images. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15399.
Published: 2022-02-18T19:45:25.000Z
Updated: 2024-08-04T05:10:35.361Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46604 vulnerable 2026-06-03 14:45:44.684539 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PNG images. Crafted data in a PNG image can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15398.
Published: 2022-02-18T19:45:24.000Z
Updated: 2024-08-04T05:10:35.265Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46603 vulnerable 2026-06-03 14:45:44.684173 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of J2K images. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15397.
Published: 2022-02-18T19:45:22.000Z
Updated: 2024-08-04T05:10:35.271Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46602 vulnerable 2026-06-03 14:45:44.683810 Details available
LOW (3.3)
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of 3DS files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15396.
Published: 2022-02-18T19:45:21.000Z
Updated: 2024-08-04T05:10:35.355Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46601 vulnerable 2026-06-03 14:45:44.683458 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15395.
Published: 2022-02-18T19:45:19.000Z
Updated: 2024-08-04T05:10:35.328Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46600 vulnerable 2026-06-03 14:45:44.683095 Details available
LOW (3.3)
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15394.
Published: 2022-02-18T19:45:18.000Z
Updated: 2024-08-04T05:10:35.334Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46599 vulnerable 2026-06-03 14:45:44.682739 Details available
LOW (3.3)
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15393.
Published: 2022-02-18T19:45:17.000Z
Updated: 2024-08-04T05:10:35.339Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46598 vulnerable 2026-06-03 14:45:44.682382 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15392.
Published: 2022-02-18T19:45:15.000Z
Updated: 2024-08-04T05:10:35.248Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46597 vulnerable 2026-06-03 14:45:44.681999 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15391.
Published: 2022-02-18T19:45:14.000Z
Updated: 2024-08-04T05:10:35.324Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46596 vulnerable 2026-06-03 14:45:44.681542 Details available
LOW (3.3)
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of OBJ files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15390.
Published: 2022-02-18T19:45:12.000Z
Updated: 2024-08-04T05:10:35.257Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46595 vulnerable 2026-06-03 14:45:44.681169 Details available
LOW (3.3)
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of 3DS files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15389.
Published: 2022-02-18T19:45:11.000Z
Updated: 2024-08-04T05:10:35.313Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46594 vulnerable 2026-06-03 14:45:44.680808 Details available
LOW (3.3)
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DWG files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15388.
Published: 2022-02-18T19:45:09.000Z
Updated: 2024-08-04T05:10:35.353Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46593 vulnerable 2026-06-03 14:45:44.680447 Details available
LOW (3.3)
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DWG files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15387.
Published: 2022-02-18T19:45:08.000Z
Updated: 2024-08-04T05:10:35.250Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46592 vulnerable 2026-06-03 14:45:44.680081 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of 3DS files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15386.
Published: 2022-02-18T19:45:06.000Z
Updated: 2024-08-04T05:10:35.323Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46591 vulnerable 2026-06-03 14:45:44.679715 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15385.
Published: 2022-02-18T19:45:04.000Z
Updated: 2024-08-04T05:10:35.321Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46590 vulnerable 2026-06-03 14:45:44.679343 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15384.
Published: 2022-02-18T19:45:03.000Z
Updated: 2024-08-04T05:10:35.331Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46589 vulnerable 2026-06-03 14:45:44.678983 Details available
LOW (3.3)
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15383.
Published: 2022-02-18T19:45:00.000Z
Updated: 2024-08-04T05:10:35.243Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46588 vulnerable 2026-06-03 14:45:44.678615 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15382.
Published: 2022-02-18T19:44:59.000Z
Updated: 2024-08-04T05:10:35.247Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46587 vulnerable 2026-06-03 14:45:44.678242 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of 3DS files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15381.
Published: 2022-02-18T19:44:57.000Z
Updated: 2024-08-04T05:10:35.259Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46586 vulnerable 2026-06-03 14:45:44.677846 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of 3DS files. Crafted data in a 3DS file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15380.
Published: 2022-02-18T19:44:56.000Z
Updated: 2024-08-04T05:10:35.258Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46585 vulnerable 2026-06-03 14:45:44.677473 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15379.
Published: 2022-02-18T19:44:54.000Z
Updated: 2024-08-04T05:10:35.320Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46584 vulnerable 2026-06-03 14:45:44.677084 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of J2K images. Crafted data in a J2K image can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15378.
Published: 2022-02-18T19:44:52.000Z
Updated: 2024-08-04T05:10:35.322Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46583 vulnerable 2026-06-03 14:45:44.676692 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of J2K images. Crafted data in a J2K image can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15377.
Published: 2022-02-18T19:44:51.000Z
Updated: 2024-08-04T05:10:35.276Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46582 vulnerable 2026-06-03 14:45:44.676348 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JP2 images. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15376.
Published: 2022-02-18T19:44:49.000Z
Updated: 2024-08-04T05:10:35.244Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46581 vulnerable 2026-06-03 14:45:44.675986 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15375.
Published: 2022-02-18T19:44:48.000Z
Updated: 2024-08-04T05:10:35.246Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46580 vulnerable 2026-06-03 14:45:44.675609 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15374.
Published: 2022-02-18T19:44:46.000Z
Updated: 2024-08-04T05:10:35.327Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46579 vulnerable 2026-06-03 14:45:44.675138 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15373.
Published: 2022-02-18T19:44:45.000Z
Updated: 2024-08-04T05:10:35.362Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46578 vulnerable 2026-06-03 14:45:44.674781 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15372.
Published: 2022-02-18T19:44:43.000Z
Updated: 2024-08-04T05:10:35.257Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46577 vulnerable 2026-06-03 14:45:44.674429 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15371.
Published: 2022-02-18T19:44:42.000Z
Updated: 2024-08-04T05:10:35.279Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46576 vulnerable 2026-06-03 14:45:44.674042 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15370.
Published: 2022-02-18T19:44:40.000Z
Updated: 2024-08-04T05:10:35.310Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46575 vulnerable 2026-06-03 14:45:44.673665 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15369.
Published: 2022-02-18T19:44:39.000Z
Updated: 2024-08-04T05:10:35.314Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46574 vulnerable 2026-06-03 14:45:44.673299 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15368.
Published: 2022-02-18T19:44:37.000Z
Updated: 2024-08-04T05:10:35.329Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46573 vulnerable 2026-06-03 14:45:44.672927 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15367.
Published: 2022-02-18T19:44:36.000Z
Updated: 2024-08-04T05:10:35.217Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46572 vulnerable 2026-06-03 14:45:44.672554 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15366.
Published: 2022-02-18T19:44:34.000Z
Updated: 2024-08-04T05:10:35.274Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46571 vulnerable 2026-06-03 14:45:44.672123 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15365.
Published: 2022-02-18T19:44:33.000Z
Updated: 2024-08-04T05:10:35.295Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46570 vulnerable 2026-06-03 14:45:44.671736 Details available
HIGH (7.8)
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of proper initialization of memory prior to accessing it. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15364.
Published: 2022-02-18T19:44:31.000Z
Updated: 2024-08-04T05:10:35.352Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46569 vulnerable 2026-06-03 14:45:44.671421 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15031.
Published: 2022-02-18T19:44:30.000Z
Updated: 2024-08-04T05:10:35.232Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46568 vulnerable 2026-06-03 14:45:44.671034 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15030.
Published: 2022-02-18T19:44:29.000Z
Updated: 2024-08-04T05:10:35.343Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46567 vulnerable 2026-06-03 14:45:44.670655 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15028.
Published: 2022-02-18T19:44:27.000Z
Updated: 2024-08-04T05:10:35.284Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46566 vulnerable 2026-06-03 14:45:44.670242 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of proper initialization of memory prior to accessing it. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15027.
Published: 2022-02-18T19:44:26.000Z
Updated: 2024-08-04T05:10:35.283Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46565 vulnerable 2026-06-03 14:45:44.669749 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15024.
Published: 2022-02-18T19:44:24.000Z
Updated: 2024-08-04T05:10:35.143Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46564 vulnerable 2026-06-03 14:45:44.667934 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15023.
Published: 2022-02-18T19:44:23.000Z
Updated: 2024-08-04T05:10:35.197Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46563 vulnerable 2026-06-03 14:45:44.667537 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14990.
Published: 2022-02-18T19:44:21.000Z
Updated: 2024-08-04T05:10:34.972Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-46562 vulnerable 2026-06-03 14:45:44.667028 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14987.
Published: 2022-02-18T19:44:20.000Z
Updated: 2024-08-04T05:10:35.145Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-34946 vulnerable 2026-06-03 14:44:48.417380 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15055.
Published: 2022-01-13T21:44:30.000Z
Updated: 2024-08-04T00:26:55.665Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-34945 vulnerable 2026-06-03 14:44:48.416947 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15054.
Published: 2022-01-13T21:44:29.000Z
Updated: 2024-08-04T00:26:55.759Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-34944 vulnerable 2026-06-03 14:44:48.416601 Details available
LOW (3.3)
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15052.
Published: 2022-01-13T21:44:27.000Z
Updated: 2024-08-04T00:26:55.717Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-34943 vulnerable 2026-06-03 14:44:48.416235 Details available
LOW (3.3)
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15051.
Published: 2022-01-13T21:44:26.000Z
Updated: 2024-08-04T00:26:55.736Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-34942 vulnerable 2026-06-03 14:44:48.415775 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15041.
Published: 2022-01-13T21:44:25.000Z
Updated: 2024-08-04T00:26:55.762Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-34941 vulnerable 2026-06-03 14:44:48.415451 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15040.
Published: 2022-01-13T21:44:24.000Z
Updated: 2024-08-04T00:26:55.646Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-34940 vulnerable 2026-06-03 14:44:48.415111 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15039.
Published: 2022-01-13T21:44:23.000Z
Updated: 2024-08-04T00:26:55.656Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-34939 vulnerable 2026-06-03 14:44:48.414776 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14996.
Published: 2022-01-13T21:44:22.000Z
Updated: 2024-08-04T00:26:55.682Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-34938 vulnerable 2026-06-03 14:44:48.414448 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14995.
Published: 2022-01-13T21:44:20.000Z
Updated: 2024-08-04T00:26:55.708Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-34937 vulnerable 2026-06-03 14:44:48.414112 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14915.
Published: 2022-01-13T21:44:19.000Z
Updated: 2024-08-04T00:26:55.684Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-34936 vulnerable 2026-06-03 14:44:48.413788 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14914.
Published: 2022-01-13T21:44:18.000Z
Updated: 2024-08-04T00:26:55.656Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-34935 vulnerable 2026-06-03 14:44:48.413457 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14913.
Published: 2022-01-13T21:44:17.000Z
Updated: 2024-08-04T00:26:55.635Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-34934 vulnerable 2026-06-03 14:44:48.413115 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14912.
Published: 2022-01-13T21:44:15.000Z
Updated: 2024-08-04T00:26:55.689Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-34933 vulnerable 2026-06-03 14:44:48.412782 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14911.
Published: 2022-01-13T21:44:14.000Z
Updated: 2024-08-04T00:26:55.598Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-34932 vulnerable 2026-06-03 14:44:48.412446 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14910.
Published: 2022-01-13T21:44:13.000Z
Updated: 2024-08-04T00:26:55.666Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-34931 vulnerable 2026-06-03 14:44:48.412101 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14909.
Published: 2022-01-13T21:44:12.000Z
Updated: 2024-08-04T00:26:55.847Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-34930 vulnerable 2026-06-03 14:44:48.411772 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14908.
Published: 2022-01-13T21:44:11.000Z
Updated: 2024-08-04T00:26:55.595Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-34929 vulnerable 2026-06-03 14:44:48.411440 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14907.
Published: 2022-01-13T21:44:09.000Z
Updated: 2024-08-04T00:26:55.507Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-34928 vulnerable 2026-06-03 14:44:48.411098 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14906.
Published: 2022-01-13T21:44:08.000Z
Updated: 2024-08-04T00:26:55.609Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-34927 vulnerable 2026-06-03 14:44:48.410739 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14905.
Published: 2022-01-13T21:44:07.000Z
Updated: 2024-08-04T00:26:55.609Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-34926 vulnerable 2026-06-03 14:44:48.410400 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14904.
Published: 2022-01-13T21:44:05.000Z
Updated: 2024-08-04T00:26:55.479Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-34925 vulnerable 2026-06-03 14:44:48.409978 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14903.
Published: 2022-01-13T21:44:04.000Z
Updated: 2024-08-04T00:26:55.504Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-34924 vulnerable 2026-06-03 14:44:48.409634 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14902.
Published: 2022-01-13T21:44:03.000Z
Updated: 2024-08-04T00:26:55.219Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-34923 vulnerable 2026-06-03 14:44:48.409298 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14901.
Published: 2022-01-13T21:44:00.000Z
Updated: 2024-08-04T00:26:55.684Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-34922 vulnerable 2026-06-03 14:44:48.408963 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14900.
Published: 2022-01-13T21:43:59.000Z
Updated: 2024-08-04T00:26:55.390Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-34921 vulnerable 2026-06-03 14:44:48.408616 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14899.
Published: 2022-01-13T21:43:58.000Z
Updated: 2024-08-04T00:26:55.661Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-34920 vulnerable 2026-06-03 14:44:48.408278 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14898.
Published: 2022-01-13T21:43:57.000Z
Updated: 2024-08-04T00:26:55.788Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-34919 vulnerable 2026-06-03 14:44:48.407933 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JP2 files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14897.
Published: 2022-01-13T21:43:56.000Z
Updated: 2024-08-04T00:26:55.599Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-34918 vulnerable 2026-06-03 14:44:48.407584 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JP2 files. Crafted data in a JP2 file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14896.
Published: 2022-01-13T21:43:54.000Z
Updated: 2024-08-04T00:26:55.715Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-34917 vulnerable 2026-06-03 14:44:48.407229 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of J2K files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14895.
Published: 2022-01-13T21:43:53.000Z
Updated: 2024-08-04T00:26:55.558Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-34916 vulnerable 2026-06-03 14:44:48.406779 Details available
LOW (3.3)
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DWG files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-14894.
Published: 2022-01-13T21:43:52.000Z
Updated: 2024-08-04T00:26:55.471Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-34915 vulnerable 2026-06-03 14:44:48.406431 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of J2K files. Crafted data in a J2K file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14893.
Published: 2022-01-13T21:43:51.000Z
Updated: 2024-08-04T00:26:55.476Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-34914 vulnerable 2026-06-03 14:44:48.406077 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. Crafted data in a DGN file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14892.
Published: 2022-01-13T21:43:50.000Z
Updated: 2024-08-04T00:26:55.634Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-34913 vulnerable 2026-06-03 14:44:48.405611 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14831.
Published: 2022-01-13T21:43:48.000Z
Updated: 2024-08-04T00:26:55.739Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-34912 vulnerable 2026-06-03 14:44:48.405268 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14885.
Published: 2022-01-13T21:43:47.000Z
Updated: 2024-08-04T00:26:55.367Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-34911 vulnerable 2026-06-03 14:44:48.404926 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of 3DS files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14884.
Published: 2022-01-13T21:43:46.000Z
Updated: 2024-08-04T00:26:55.242Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-34910 vulnerable 2026-06-03 14:44:48.404592 Details available
LOW (3.3)
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-14883.
Published: 2022-01-13T21:43:45.000Z
Updated: 2024-08-04T00:26:55.466Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-34909 vulnerable 2026-06-03 14:44:48.404238 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14882.
Published: 2022-01-13T21:43:43.000Z
Updated: 2024-08-04T00:26:55.249Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-34908 vulnerable 2026-06-03 14:44:48.403898 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of J2K files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14881.
Published: 2022-01-13T21:43:42.000Z
Updated: 2024-08-04T00:26:55.205Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-34907 vulnerable 2026-06-03 14:44:48.403565 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of BMP files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14880.
Published: 2022-01-13T21:43:41.000Z
Updated: 2024-08-04T00:26:55.127Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-34906 vulnerable 2026-06-03 14:44:48.403209 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of J2K files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14879.
Published: 2022-01-13T21:43:40.000Z
Updated: 2024-08-04T00:26:55.251Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-34905 vulnerable 2026-06-03 14:44:48.402650 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14878.
Published: 2022-01-13T21:43:38.000Z
Updated: 2024-08-04T00:26:55.204Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-34904 vulnerable 2026-06-03 14:44:48.402321 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14877.
Published: 2022-01-13T21:43:37.000Z
Updated: 2024-08-04T00:26:55.503Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-34903 vulnerable 2026-06-03 14:44:48.401989 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of BMP files. Crafted data in a BMP file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14876.
Published: 2022-01-13T21:43:36.000Z
Updated: 2024-08-04T00:26:54.994Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-34902 vulnerable 2026-06-03 14:44:48.401653 Details available
LOW (3.3)
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DWG files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-14875.
Published: 2022-01-13T21:43:34.000Z
Updated: 2024-08-04T00:26:55.208Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-34901 vulnerable 2026-06-03 14:44:48.401302 Details available
LOW (3.3)
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of 3DS files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-14874.
Published: 2022-01-13T21:43:33.000Z
Updated: 2024-08-04T00:26:54.993Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-34900 vulnerable 2026-06-03 14:44:48.400961 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of J2K files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14867.
Published: 2022-01-13T21:43:32.000Z
Updated: 2024-08-04T00:26:55.051Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-34899 vulnerable 2026-06-03 14:44:48.400629 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14866.
Published: 2022-01-13T21:43:31.000Z
Updated: 2024-08-04T00:26:55.028Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-34898 vulnerable 2026-06-03 14:44:48.400301 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14865.
Published: 2022-01-13T21:43:30.000Z
Updated: 2024-08-04T00:26:55.268Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-34897 vulnerable 2026-06-03 14:44:48.399955 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. Crafted data in a DGN file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14864.
Published: 2022-01-13T21:43:29.000Z
Updated: 2024-08-04T00:26:54.958Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-34896 vulnerable 2026-06-03 14:44:48.399613 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of BMP files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14863.
Published: 2022-01-13T21:43:27.000Z
Updated: 2024-08-04T00:26:55.421Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-34895 vulnerable 2026-06-03 14:44:48.399273 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of 3DS files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14862.
Published: 2022-01-13T21:43:26.000Z
Updated: 2024-08-04T00:26:54.960Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-34894 vulnerable 2026-06-03 14:44:48.398935 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of 3DS files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14847.
Published: 2022-01-13T21:43:25.000Z
Updated: 2024-08-04T00:26:54.968Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-34893 vulnerable 2026-06-03 14:44:48.398591 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of BMP files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14846.
Published: 2022-01-13T21:43:24.000Z
Updated: 2024-08-04T00:26:54.933Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-34892 vulnerable 2026-06-03 14:44:48.398246 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14845.
Published: 2022-01-13T21:43:23.000Z
Updated: 2024-08-04T00:26:55.048Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-34891 vulnerable 2026-06-03 14:44:48.397906 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14844.
Published: 2022-01-13T21:43:22.000Z
Updated: 2024-08-04T00:26:54.695Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-34890 vulnerable 2026-06-03 14:44:48.397565 Details available
LOW (3.3)
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-14843.
Published: 2022-01-13T21:43:20.000Z
Updated: 2024-08-04T00:26:54.690Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-34889 vulnerable 2026-06-03 14:44:48.397215 Details available
LOW (3.3)
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of 3DS files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-14842.
Published: 2022-01-13T21:43:19.000Z
Updated: 2024-08-04T00:26:55.210Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-34888 vulnerable 2026-06-03 14:44:48.396845 Details available
LOW (3.3)
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-14841.
Published: 2022-01-13T21:43:18.000Z
Updated: 2024-08-04T00:26:54.664Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-34887 vulnerable 2026-06-03 14:44:48.396488 Details available
LOW (3.3)
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-14840.
Published: 2022-01-13T21:43:17.000Z
Updated: 2024-08-04T00:26:54.958Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-34886 vulnerable 2026-06-03 14:44:48.396108 Details available
LOW (3.3)
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of FBX files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-14839.
Published: 2022-01-13T21:43:16.000Z
Updated: 2024-08-04T00:26:54.705Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-34885 vulnerable 2026-06-03 14:44:48.395650 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14838.
Published: 2022-01-13T21:43:14.000Z
Updated: 2024-08-04T00:26:54.695Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-34884 vulnerable 2026-06-03 14:44:48.395315 Details available
LOW (3.3)
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JP2 files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-14837.
Published: 2022-01-13T21:43:13.000Z
Updated: 2024-08-04T00:26:54.671Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-34883 vulnerable 2026-06-03 14:44:48.394965 Details available
LOW (3.3)
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of J2K files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-14836.
Published: 2022-01-13T21:43:12.000Z
Updated: 2024-08-04T00:26:54.684Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-34882 vulnerable 2026-06-03 14:44:48.394614 Details available
LOW (3.3)
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JP2 files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-14835.
Published: 2022-01-13T21:43:10.000Z
Updated: 2024-08-04T00:26:54.678Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-34881 vulnerable 2026-06-03 14:44:48.394272 Details available
LOW (3.3)
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of OBJ files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-14834.
Published: 2022-01-13T21:43:09.000Z
Updated: 2024-08-04T00:26:54.672Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-34880 vulnerable 2026-06-03 14:44:48.393913 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of 3DS files. Crafted data in a 3DS file can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14833.
Published: 2022-01-13T21:43:08.000Z
Updated: 2024-08-04T00:26:54.697Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-34879 vulnerable 2026-06-03 14:44:48.393459 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of J2K files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14832.
Published: 2022-01-13T21:43:07.000Z
Updated: 2024-08-04T00:26:54.667Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-34878 vulnerable 2026-06-03 14:44:48.392899 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14830.
Published: 2022-01-13T21:43:05.000Z
Updated: 2024-08-04T00:26:54.697Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-34877 vulnerable 2026-06-03 14:44:48.392564 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14829.
Published: 2022-01-13T21:43:04.000Z
Updated: 2024-08-04T00:26:54.660Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-34876 vulnerable 2026-06-03 14:44:48.392218 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14828.
Published: 2022-01-13T21:43:03.000Z
Updated: 2024-08-04T00:26:54.587Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-34875 vulnerable 2026-06-03 14:44:48.391854 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of 3DS files. Crafted data in a 3DS file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14827.
Published: 2022-01-13T21:43:01.000Z
Updated: 2024-08-04T00:26:54.653Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-34874 vulnerable 2026-06-03 14:44:48.391507 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of 3DS files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14736.
Published: 2022-01-13T21:43:00.000Z
Updated: 2024-08-04T00:26:54.701Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-34873 vulnerable 2026-06-03 14:44:48.391136 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF files. Crafted data in a PDF file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14696.
Published: 2022-01-13T21:42:59.000Z
Updated: 2024-08-04T00:26:54.669Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-34872 vulnerable 2026-06-03 14:44:48.390753 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of SKP files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14737.
Published: 2022-01-13T21:42:57.000Z
Updated: 2024-08-04T00:26:54.591Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-34871 vulnerable 2026-06-03 14:44:48.387799 Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of BMP files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14695.
Published: 2022-01-13T21:42:56.000Z
Updated: 2024-08-04T00:26:54.583Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.