Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-354

CWE-354

Medium likelihood

Improper Validation of Integrity Check Value

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The product does not validate or incorrectly validates the integrity check values or "checksums" of a message. This may prevent it from detecting if the data has been modified or corrupted in transmission.

160 vulnerabilities with CWE-354

CVE-2024-23462 LOW

Zscaler Client Connector <3.4 - DoS

CVE-2024-23461 MEDIUM

Zscaler Client Connector <3.4 - RCE

CVE-2024-32883 HIGH

MCUboot <= 1.11.0 - Improper Validation of Integrity Check Value in TLV Structure

CVE-2024-25678 CRITICAL

LiteSpeed QUIC <4.0.4 - Info Disclosure

CVE-2024-23790 LOW

OTRS <7.0.48-8.0.37-2023.1.1 - Info Disclosure

CVE-2023-50738 MEDIUM

Lexmark Printer Firmware <230.041, 230.075-230.086, 230.100-230.104, 230.200-230.209 - Firmware Downgrade Bypass

CVE-2023-33206 MEDIUM

Diebold Nixdorf VSS <4.3.0 - Info Disclosure

CVE-2023-24063 MEDIUM

Diebold Nixdorf VSS <3.3.0 SR10 - Info Disclosure

CVE-2023-41970 MEDIUM

Zscaler Client Connector <4.1.0.62 - RCE

CVE-2023-42143 MEDIUM

Shelly TRV Firmware 20220811-152343/v2.1.8@5afc928c - Missing Integrity Check

CVE-2023-48795 MEDIUM

OpenSSH <9.6 - Open Redirect

CVE-2023-36650 HIGH

ProLion CryptoSpike 3.0.15P2 - Command Injection

CVE-2023-28802 MEDIUM

Zscaler Client Connector <4.2.0.149 - Privilege Escalation

CVE-2023-28002 MEDIUM

FortiOS <7.2.3, <7.0.12, all 6.x - Code Injection

CVE-2023-45150 MEDIUM

Nextcloud Calendar < 4.4.4 - Denial of Service via Email Address Validation

CVE-2023-4929 MEDIUM

NPort 5000 Series - Improper Validation

CVE-2023-20233 MEDIUM

Cisco IOS XR < 7.5.4 - Unauthenticated Denial of Service via Crafted Continuity Check Messages

CVE-2023-38802 HIGH

FRRouting 7.5.1-9.0 - Denial of Service via Corrupted BGP Tunnel Encapsulation Attribute

CVE-2023-2975 MEDIUM

OpenSSL 3.0.0-3.0.8 - Improper Authentication in AES-SIV Cipher

CVE-2023-33668 CRITICAL

DigiExam < 14.0.2 - Unauthenticated Account Takeover via Native Module Integrity Check Bypass

CVE-2023-36537 HIGH

Zoom Rooms for Windows <5.14.5 - Privilege Escalation

CVE-2023-30673 MEDIUM

Smart Switch PC <4.3.23052_1 - Path Traversal

CVE-2023-34459 MEDIUM

OpenZeppelin Contracts <4.9.2 - Code Injection

CVE-2023-31439 MEDIUM

systemd 253 - Log File Integrity Check Bypass via Sealed Log Manipulation

CVE-2023-31438 MEDIUM

systemd 253 - Log File Integrity Check Bypass via Truncation

Previous Page 3 of 7 Next

Details

Vulnerabilities 160

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy