CWE-494

Medium likelihood

Download of Code Without Integrity Check

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The product downloads source code or an executable from a remote location and executes the code without sufficiently verifying the origin and integrity of the code.

204 vulnerabilities with CWE-494
CVE-2008-3324 HIGH
PartyGaming PartyPoker <121/120 - RCE
CVSS 8.1
CVE-2008-3438 HIGH
macOS < 10.5.4 - Remote Code Execution via Unverified Update
CVSS 8.1
CVE-2002-0671 CRITICAL
Pingtel xpressa_firmware 1.2.5-1.2.7.4 - Unauthenticated Trojan Horse Application Installation via DNS Spoofing
CVSS 9.8
CVE-2001-1125 CRITICAL
Symantec LiveUpdate < 1.6 - Remote Code Execution via DNS Spoofing
CVSS 9.8
Details
Vulnerabilities 204
Exploit Likelihood Medium
Links
MITRE CWE Entry Search this CWE With Exploits