108 matches found
CVE-2023-5630
A CWE-494: Download of Code Without Integrity Check vulnerability exists that could allow a privileged user to install an untrusted firmware...
CVE-2023-22635
A download of code without Integrity check vulnerability CWE-494 in FortiClientMac version 7.0.0 through 7.0.7, 6.4 all versions, 6.2 all versions, 6.0 all versions, 5.6 all versions, 5.4 all versions, 5.2 all versions, 5.0 all versions and 4.0 all versions may allow a local attacker to escalate...
CVE-2023-41921
A vulnerability allows attackers to download source code or an executable from a remote location and execute the code without sufficiently verifying the origin and integrity of the code. This vulnerability can allow attackers to modify the firmware before uploading it to the system, thus achievin...
CVE-2022-1585
The Project Source Code Download WordPress plugin through 1.0.0 does not protect its backup generation and download functionalities, which may allow any visitors on the site to download the entire site, including sensitive files like wp-config.php...
MAL-2025-191803 Malicious code in network-utils-simple (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 1fd943d3243197ac153b2623548e62b4225a59f611cf13fe962bc3ced369a32d During installation, there is an attempt to download and execute code. The package has no real functionality. --- Category: MALICIOUS - The campaign has clearl...
CVE-2025-1058
CWE-494: Download of Code Without Integrity Check vulnerability exists that could render the device inoperable when malicious firmware is downloaded...
CVE-2025-1058
CWE-494: Download of Code Without Integrity Check vulnerability exists that could render the device inoperable when malicious firmware is downloaded...
Faculty Evaluation System 1.0 Cross Site Request Forgery
============================================================================================================================================= | Title : Faculty Evaluation System 1.0 CSRF Add Admin Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox...
CVE-2024-45321
The App::cpanminus package through 1.7047 for Perl downloads code via insecure HTTP, enabling code execution for network attackers...
ROS-20240704-10
A vulnerability in the python38.pth file of the Python programming language interpreter is related to ignoring the sys.path constraints specified in python38.pth . Exploitation of the vulnerability could allow an attacker acting remotely to download code from arbitrary locations A vulnerability i...
IO-1020 Micro ELD 安全漏洞
The IOSiX IO-1020 Micro ELD is an electronic logging device from IOSiX USA. A security vulnerability exists in versions prior to the IO-1020 Micro ELD 360 that originates from the ability to download source code or executable files from an adjacent location without sufficiently verifying the orig...
Simple Inventory Management System v1.0 - (email) SQL Injection Vulnerability
Exploit Title: Simple Inventory Management System v1.0 - 'email' SQL Injection Application: Simple Inventory Management System Bugs: SQL Injection Exploit Author: SoSPiro Vendor Homepage: https://www.sourcecodester.com/ Software Link:...
CVE-2023-46144
A download of code without integrity check vulnerability in PLCnext products allows an remote attacker with low privileges to compromise integrity on the affected engineering station and the connected devices...
Design/Logic Flaw
Download of Code Without Integrity Check vulnerability in PHOENIX CONTACT MULTIPROG, PHOENIX CONTACT ProConOS eCLR SDK allows an unauthenticated remote attacker to download and execute applications without integrity checks on the device which may result in a complete loss of integrity...
CVE-2023-5630
A CWE-494: Download of Code Without Integrity Check vulnerability exists that could allow a privileged user to install an untrusted firmware...
PHOENIX CONTACT ProConOS/ProConOS eCLR Security Vulnerabilities
PHOENIX CONTACT ProConOS/ProConOS eCLR is a series of embedded automation devices from PHOENIX CONTACT, Germany. A security vulnerability exists in PHOENIX CONTACT MULTIPROG, PHOENIX CONTACT ProConOS eCLR SDK, which originates from a code download without integrity check vulnerability in the...
Schneider Electric ION8650 and ION8800 Security Vulnerabilities
The Schneider Electric ION8650 and Schneider Electric ION8800 are both next-generation outlet and switchboard meters for utility network monitoring from Schneider Electric France. A security vulnerability exists in the Schneider Electric ION8650 and ION8800 that stems from the presence of a code...
PT-2023-7874 · Phoenix Contact · Phoenix Contact Multiprog +1
Name of the Vulnerable Software and Affected Versions: PHOENIX CONTACT MULTIPROG, PHOENIX CONTACT ProConOS eCLR SDK affected versions not specified Description: The issue is related to the download of code without integrity checks, allowing an unauthenticated remote attacker to download and execu...
CVE-2023-37220
Synel Terminals - CWE-494: Download of Code Without Integrity Check...
CVE-2023-37220
Synel Terminals - CWE-494: Download of Code Without Integrity Check...