Vulnerabilities > Download of Code Without Integrity Check
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-07-05 | CVE-2019-5982 | Download of Code Without Integrity Check vulnerability in Sony Vaio Update 7.3.0.03150 Improper download file verification vulnerability in VAIO Update 7.3.0.03150 and earlier allows remote attackers to conduct a man-in-the-middle attack via a malicous wireless LAN access point. | 5.4 |
| 2019-06-24 | CVE-2019-7229 | Download of Code Without Integrity Check vulnerability in ABB products The ABB CP635 HMI uses two different transmission methods to upgrade its firmware and its software components: "Utilization of USB/SD Card to flash the device" and "Remote provisioning process via ABB Panel Builder 600 over FTP." Neither of these transmission methods implements any form of encryption or authenticity checks against the new firmware HMI software binary files. | 5.4 |
| 2019-06-04 | CVE-2019-12728 | Download of Code Without Integrity Check vulnerability in Grails Grails before 3.3.10 used cleartext HTTP to resolve the SDKMan notification service. | 6.8 |
| 2019-04-15 | CVE-2018-4009 | Download of Code Without Integrity Check vulnerability in Shimovpn Shimo VPN 4.1.5.1 An exploitable privilege escalation vulnerability exists in the Shimo VPN helper service due to improper validation of code signing. | 7.8 |
| 2018-12-20 | CVE-2018-19234 | Download of Code Without Integrity Check vulnerability in Comparex Miss Marple The Miss Marple Updater Service in COMPAREX Miss Marple Enterprise Edition before 2.0 allows remote attackers to execute arbitrary code with SYSTEM privileges via vectors related to missing update validation. | 9.0 |
| 2018-06-29 | CVE-2018-13012 | Download of Code Without Integrity Check vulnerability in Safensoft products Download of code with improper integrity check in snsupd.exe and upd.exe in SAFE'N'SEC SoftControl/SafenSoft SysWatch, SoftControl/SafenSoft TPSecure, and SoftControl/SafenSoft Enterprise Suite before 4.4.12 allows the remote attacker to execute unauthorized code by substituting a forged update server. | 6.8 |
| 2017-11-22 | CVE-2017-2739 | Download of Code Without Integrity Check vulnerability in Huawei Vmall 1.5.2.0 The upgrade package of Huawei Vmall APP Earlier than HwVmall 1.5.3.0 versions is transferred through HTTP. | 2.9 |
| 2017-11-22 | CVE-2017-2707 | Download of Code Without Integrity Check vulnerability in Huawei Mate 9 Firmware Mate 9 smartphones with software MHA-AL00AC00B125 have a privilege escalation vulnerability in Push module. | 5.8 |
| 2017-11-16 | CVE-2017-12306 | Download of Code Without Integrity Check vulnerability in Cisco Conference Director 20170815 A vulnerability in the upgrade process of Cisco Spark Board could allow an authenticated, local attacker to install an unverified upgrade package, aka Signature Verification Bypass. | 2.1 |
| 2017-10-18 | CVE-2017-13083 | Download of Code Without Integrity Check vulnerability in Rufus Project Rufus 2.17 Akeo Consulting Rufus prior to version 2.17.1187 does not adequately validate the integrity of updates downloaded over HTTP, allowing an attacker to easily convince a user to execute arbitrary code | 6.8 |