Common Vulnerability Exposure Program
Bentley is enacting a Common Vulnerability Exposure (CVE) program. Bentley strives to publish important security advisories that help our users mitigate risks for a subset of our desktop products. These advisory pages are Bentley’s source of information to our user community for potential risks in our products. Although we generally recommend updating to the latest product versions, some advisories include more detailed information about risk mitigation and specifics of affected versions which should be reviewed before updating. Our advisories are often linked with CVE entries. This process, the information in the advisories, and the website are all subject to change.
BE-2023-0002
Assetwise Integrity Information Server information disclosure
Publication Date: 2023-11-21
BE-2023-0001
Seequent LeapFrog WebP Heap-Based Buffer Overflow Vulnerability
Publication Date: 2023-10-27
BE-2022-0020
DGN File Parsing Out-of-bounds Read and Stack Overflow Vulnerabilities in MicroStation and MicroStation-based applications
Publication Date: 2022-10-20
BE-2022-0019
FBX File Parsing Out-of-bounds Read Vulnerabilities and Head Overflow in MicroStation and MicroStation-based applications
Publication Date: 2022-10-12
BE-2022-0018
XMT File Parsing Out-of-bounds and Stack Overflow vulnerabilities in MicroStation and MicroStation-based applications
Publication Date: 2022-10-12
BE-2022-0017
SKP File Parsing Out-of-bounds Read Vulnerabilities and Stack Overflow in MicroStation and MicroStation-based applications
Publication Date: 2022-10-12
BE-2022-0016
OBJ File Parsing Out-of-bounds Read Vulnerabilities in MicroStation and MicroStation-based applications
Publication Date: 2022-07-13
BE-2022-0015
JP2 File Parsing Out-of-bounds Read Vulnerabilities in MicroStation and MicroStation-based applications
Publication Date: 2022-07-13
BE-2022-0014
J2K File Parsing Out-of-bounds Read Vulnerabilities in MicroStation and MicroStation-based applications
Publication Date: 2022-07-13