VYPR
Vendor

Bentley

Products
9
CVEs
138
Across products
147
Status
Private

Products

9

Recent CVEs

138
View all 138 CVEs →
  • CVE-2024-27455CriFeb 26, 2024
    risk 0.59cvss 9.1epss 0.01

    In the Bentley ALIM Web application, certain configuration settings can cause exposure of a user's ALIM session token when the user attempts to download files. This is fixed in Assetwise ALIM Web 23.00.04.04 and Assetwise Information Integrity Server 23.00.02.03.

  • CVE-2026-35383MedApr 2, 2026
    risk 0.42cvss 6.5epss 0.00

    Bentley Systems iTwin Platform exposed a Cesium ion access token in the source of some web pages. An unauthenticated attacker could use this token to enumerate or delete certain assets. As of 2026-03-27, the token is no longer present in the web pages and cannot be used to…

  • CVE-2024-53007MedJan 31, 2025
    risk 0.42cvss 6.4epss 0.00

    Bentley Systems ProjectWise Integration Server before 10.00.03.288 allows unintended SQL query execution by an authenticated user via an API call.

  • CVE-2023-51708Dec 22, 2023
    risk 0.00cvss epss 0.00

    Bentley eB System Management Console applications within Assetwise Integrity Information Server allow an unauthenticated user to view configuration options via a crafted request, leading to information disclosure. This affects eB System management Console before 23.00.02.03 and…

  • CVE-2022-28312Mar 29, 2023
    risk 0.00cvss epss 0.01

    This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.02.034. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious…

  • CVE-2022-28318Mar 29, 2023
    risk 0.00cvss epss 0.01

    This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.02.34. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The…

  • CVE-2022-28641Mar 29, 2023
    risk 0.00cvss epss 0.01

    This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.02.34. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The…

  • CVE-2022-28302Mar 29, 2023
    risk 0.00cvss epss 0.01

    This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.02.34. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The…

  • CVE-2022-28301Mar 29, 2023
    risk 0.00cvss epss 0.01

    This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.02.34. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The…

  • CVE-2022-28644Mar 29, 2023
    risk 0.00cvss epss 0.01

    This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.02.34. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The…

  • CVE-2022-28643Mar 29, 2023
    risk 0.00cvss epss 0.01

    This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.02.34. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The…

  • CVE-2022-28317Mar 29, 2023
    risk 0.00cvss epss 0.01

    This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.02.34. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The…

  • CVE-2022-28645Mar 29, 2023
    risk 0.00cvss epss 0.01

    This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.02.34. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.…

  • CVE-2022-28311Mar 29, 2023
    risk 0.00cvss epss 0.01

    This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.02.034. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The…

  • CVE-2022-28313Mar 29, 2023
    risk 0.00cvss epss 0.01

    This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.02.034. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious…

  • CVE-2022-28314Mar 29, 2023
    risk 0.00cvss epss 0.01

    This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.02.34. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The…

  • CVE-2022-28319Mar 29, 2023
    risk 0.00cvss epss 0.01

    This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.02.034. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The…

  • CVE-2022-28646Mar 29, 2023
    risk 0.00cvss epss 0.01

    This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.2.034. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The…

  • CVE-2022-28300Mar 29, 2023
    risk 0.00cvss epss 0.01

    This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation 10.16.02.034 CONNECT. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The…

  • CVE-2022-28306Mar 29, 2023
    risk 0.00cvss epss 0.01

    This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.02.034. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The…