Fallos del tipo CWE-494
159 resultadosCVE-2018-14620MEDIUMThe OpenStack RabbitMQ container image insecurely retrieves the rabbitmq_clusterer component over HTTP during the build stage. This could poEPSS 0.6%CVE-2019-3801HIGHJava Projects using HTTP to fetch dependenciesEPSS 0.6%CVE-2020-7873HIGHDownload of code without integrity check vulnerability in ActiveX control of Younglimwon Co., Ltd allows the attacker to cause a arbitrary fEPSS 0.6%CVE-2023-23110HIGHAn exploitable firmware modification vulnerability was discovered in certain Netgear products. The data integrity of the uploaded firmware iEPSS 0.6%CVE-2017-12740—Siemens LOGO! Soft Comfort (All versions before V8.2) lacks integrity verification of software packages downloaded via an unprotected communEPSS 0.6%CVE-2020-7874HIGHNEXACRO14 Runtime arbitrary file download and execution vulnerabilityEPSS 0.6%CVE-2023-39474HIGHInductive Automation Ignition downloadLaunchClientJar Remote Code Execution VulnerabilityEPSS 0.5%CVE-2026-2999CRITICALChanging|IDExpert Windows Logon Agent - Remote Code ExecutionEPSS 0.5%CVE-2026-3000CRITICALChanging|IDExpert Windows Logon Agent - Remote Code ExecutionEPSS 0.5%CVE-2024-30205HIGHIn Emacs before 29.3, Org mode considers contents of remote files to be trusted. This affects Org Mode before 9.6.23.EPSS 0.5%CVE-2020-9751—Naver Cloud Explorer before 2.2.2.11 allows the system to download an arbitrary file from the attacker's server and execute it during the upEPSS 0.5%CVE-2020-29032HIGHAdd integrity check of GateManager firmwareEPSS 0.5%CVE-2026-25961HIGHSumatraPDF Update MITM -> Arbitrary Code ExecutionEPSS 0.4%CVE-2019-10240—Eclipse hawkBit versions prior to 0.3.0M2 resolved Maven build artifacts for the Vaadin based UI over HTTP instead of HTTPS. Any of these deEPSS 0.4%CVE-2019-10248—Eclipse Vorto versions prior to 0.11 resolved Maven build artifacts for the Xtext project over HTTP instead of HTTPS. Any of these dependentEPSS 0.4%CVE-2025-56513CRITICALNiceHash QuickMiner 6.12.0 perform software updates over HTTP without validating digital signatures or hash checks. An attacker capable of iEPSS 0.4%CVE-2019-14845MEDIUMA vulnerability was found in OpenShift builds, versions 4.1 up to 4.3. Builds that extract source from a container image, bypass the TLS hosEPSS 0.4%CVE-2025-11182HIGHFile Download in GTONE ChangeFlowEPSS 0.4%CVE-2025-63220HIGHThe Sound4 FIRST web-based management interface is vulnerable to Remote Code Execution (RCE) via a malicious firmware update package. The upEPSS 0.4%CVE-2025-63215HIGHThe Sound4 IMPACT web-based management interface is vulnerable to Remote Code Execution (RCE) via a malicious firmware update package. The uEPSS 0.4%