Vulnerabilities > Download of Code Without Integrity Check
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-06-04 | CVE-2019-12728 | Download of Code Without Integrity Check vulnerability in Grails Grails before 3.3.10 used cleartext HTTP to resolve the SDKMan notification service. | 8.1 |
| 2019-04-15 | CVE-2018-4009 | Download of Code Without Integrity Check vulnerability in Shimovpn Shimo VPN 4.1.5.1 An exploitable privilege escalation vulnerability exists in the Shimo VPN helper service due to improper validation of code signing. | 7.8 |
| 2018-12-20 | CVE-2018-19234 | Download of Code Without Integrity Check vulnerability in Comparex Miss Marple The Miss Marple Updater Service in COMPAREX Miss Marple Enterprise Edition before 2.0 allows remote attackers to execute arbitrary code with SYSTEM privileges via vectors related to missing update validation. | 8.8 |
| 2018-06-29 | CVE-2018-13012 | Download of Code Without Integrity Check vulnerability in Safensoft products Download of code with improper integrity check in snsupd.exe and upd.exe in SAFE'N'SEC SoftControl/SafenSoft SysWatch, SoftControl/SafenSoft TPSecure, and SoftControl/SafenSoft Enterprise Suite before 4.4.12 allows the remote attacker to execute unauthorized code by substituting a forged update server. | 8.1 |
| 2017-11-22 | CVE-2017-2739 | Download of Code Without Integrity Check vulnerability in Huawei Vmall 1.5.2.0 The upgrade package of Huawei Vmall APP Earlier than HwVmall 1.5.3.0 versions is transferred through HTTP. | 3.1 |
| 2017-11-22 | CVE-2017-2707 | Download of Code Without Integrity Check vulnerability in Huawei Mate 9 Firmware Mate 9 smartphones with software MHA-AL00AC00B125 have a privilege escalation vulnerability in Push module. | 7.1 |
| 2017-11-16 | CVE-2017-12306 | Download of Code Without Integrity Check vulnerability in Cisco Conference Director 20170815 A vulnerability in the upgrade process of Cisco Spark Board could allow an authenticated, local attacker to install an unverified upgrade package, aka Signature Verification Bypass. | 4.4 |
| 2017-10-18 | CVE-2017-13083 | Download of Code Without Integrity Check vulnerability in Rufus Project Rufus 2.17 Akeo Consulting Rufus prior to version 2.17.1187 does not adequately validate the integrity of updates downloaded over HTTP, allowing an attacker to easily convince a user to execute arbitrary code | 8.1 |
| 2008-08-18 | CVE-2008-3324 | Download of Code Without Integrity Check vulnerability in Party Gaming Party Poker Client 121120 The PartyGaming PartyPoker client program 121/120 does not properly verify the authenticity of updates, which allows remote man-in-the-middle attackers to execute arbitrary code via a Trojan horse update. | 8.1 |
| 2008-08-01 | CVE-2008-3438 | Download of Code Without Integrity Check vulnerability in Apple mac OS X Apple Mac OS X does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning. | 8.1 |