Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-494

CWE-494

Medium likelihood

Download of Code Without Integrity Check

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The product downloads source code or an executable from a remote location and executes the code without sufficiently verifying the origin and integrity of the code.

204 vulnerabilities with CWE-494

CVE-2019-16760 MEDIUM

Cargo <Rust 1.26.0 - Info Disclosure

CVE-2019-13534 HIGH

Philips IntelliVue - Code Injection

CVE-2019-12809 HIGH

Yes24 Viewer ActiveX < 1.0.327.50126 - Remote Code Execution via Arbitrary File Download

CVE-2019-12162 HIGH

Upwork Time Tracker <5.2.2.716 - Code Injection

CVE-2019-5982 HIGH

VAIO Update < 7.3.0.03150 - Download of Code Without Integrity Check via Malicious Wireless LAN Access Point

CVE-2019-7229 HIGH

ABB CP635 HMI - Unauthenticated Firmware Download Without Integrity Check

CVE-2019-12728 HIGH

Grails < 3.3.10 - Cleartext HTTP Dependency Resolution

CVE-2019-10249 HIGH

Xtext & Xtend <2.18.0 - Info Disclosure

CVE-2019-3801 CRITICAL

Cloud Foundry cf-deployment < 7.9.0 - Cleartext Transmission of Sensitive Information

CVE-2019-10248 HIGH

Eclipse Vorto <0.11 - Info Disclosure

CVE-2019-10240 HIGH

Eclipse hawkBit < 0.3.0M2 - Cleartext Transmission of Sensitive Information via Maven Build Artifacts

CVE-2018-5409 CRITICAL

PrinterLogic Print Management <18.3.1.96 - Code Injection

CVE-2018-4009 HIGH

Shimo VPN - Privilege Escalation via Improper Code Signing Validation

CVE-2018-19234 HIGH

COMPAREX Miss Marple Enterprise <2.0 - RCE

CVE-2018-14620 MEDIUM

OpenStack RabbitMQ Container - SSRF

CVE-2018-13012 HIGH

Safensoft Softcontrol Enterprise Suite < 4.4.12 - Download Without Integrity Check

CVE-2017-12740 MEDIUM

Siemens LOGO! Soft Comfort < 8.2 - Remote Code Execution via Unprotected Software Package Download

CVE-2017-2739 LOW

Huawei Vmall < 1.5.3.0 - Unauthenticated Code Download Integrity Failure

CVE-2017-2707 HIGH

Huawei Mate 9 Firmware MHA-AL00AC00B125 - Privilege Escalation via Push Module Rich Media Message Handling

CVE-2017-12306 MEDIUM

Cisco Spark Board - Privilege Escalation

CVE-2017-13083 MEDIUM

Rufus < 2.17 - Improper Certificate Validation in Update Mechanism

CVE-2016-6567 CRITICAL

SHDesigns Resident Download Manager - RCE

CVE-2016-6564 HIGH

Multiple Android Firmware - Unauthenticated Remote Code Execution via OTA Update Mechanism

Sensys Networks VSN240-F/VSN240-T <2.10.1/2.10.3 - RCE

CVE-2010-3440 MEDIUM

babiloo <2.0.11 - Local File Overwrite

Previous Page 8 of 9 Next

Details

Vulnerabilities 204

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy