Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-494

CWE-494

Medium likelihood

Download of Code Without Integrity Check

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The product downloads source code or an executable from a remote location and executes the code without sufficiently verifying the origin and integrity of the code.

204 vulnerabilities with CWE-494

CVE-2025-15556 HIGH KEV

Notepad++ < 8.8.9 - Download of Code Without Integrity Check in WinGUp Updater

CVE-2025-69263 HIGH

pnpm < 10.26.0 - Download of Code Without Integrity Check via HTTP Tarball Dependencies

CVE-2025-68109 CRITICAL

ChurchCRM < 6.5.3 - Remote Code Execution via Database Restore File Upload

CVE-2025-65855 MEDIUM

Netun Solutions HelpFlash IoT v18_178_221102_ASCII_PRO_1R5_50 - RCE

CVE-2025-55310 HIGH

Foxit PDF & Editor <13.2-2025.2 - Info Disclosure

CVE-2025-14265 CRITICAL

ScreenConnect <25.8 - Code Injection

CVE-2025-66334 LOW

HarmonyOS - Denial of Service in Office Service

CVE-2025-66333 LOW

HarmonyOS - Denial of Service in Office Service

CVE-2025-66332 LOW

HarmonyOS - Denial of Service in Office Service

CVE-2025-66331 LOW

HarmonyOS - Denial of Service in Office Service

CVE-2025-61228 HIGH

Shirt Pocket SuperDuper! <3.10 - RCE

CVE-2025-63434 HIGH

Xtooltech Xtool AnyScan Android App <4.40.40 - RCE

CVE-2025-40604 CRITICAL

SonicWall Email Security Appliance Firmware < 10.0.33.8195 - Download of Code Without Integrity Check

CVE-2025-63220 HIGH

Sound4 FIRST - Remote Code Execution via Malicious Firmware Update Package

CVE-2025-63215 HIGH

Sound4 IMPACT Firmware - Remote Code Execution via Malicious Firmware Update Package

CVE-2025-52263 HIGH

Startcharge Artemis AC Charger 7-22 kW v1.0.4 - Authenticated RCE

CVE-2025-11493 HIGH

ConnectWise Automate < 2025.9 - Download of Code Without Integrity Check

CVE-2025-11182 MEDIUM

GTONE ChangeFlow <9.0.1.1 - Path Traversal

CVE-2025-56513 CRITICAL

NiceHash QuickMiner 6.12.0 - Remote Code Execution via Unauthenticated Update Hijacking

CVE-2025-34212 CRITICAL

Vasion Print Virtual Appliance Host <22.0.843 & Application <20.0.1923 Supply Chain Attack

CVE-2025-57431 HIGH

Sound4 PULSE-ECO AES67 Firmware 1.22 - Remote Code Execution via Malicious Firmware Update Package

CVE-2025-9319 HIGH

Lenovo Wallpaper Client < 3.0.70.3301 - Remote Code Execution via Untrusted Code Download

CVE-2025-30199 HIGH

ECOVACS Deebot Firmware - Unauthenticated Firmware Update Spoofing via Insecure OTA Connection

CVE-2025-55582 MEDIUM

D-Link DCS-825L <1.08.01 - Privilege Escalation

CVE-2025-35115 HIGH

Agiloft 19-28 - Download of Code Without Integrity Check via Insecure HTTP Connection

Previous Page 2 of 9 Next

Details

Vulnerabilities 204

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy