Fallos del tipo CWE-494
159 resultadosCVE-2022-46423HIGHAn exploitable firmware modification vulnerability was discovered on the Netgear WNR2000v1 router. An attacker can conduct a MITM (Man-in-thEPSS 0.4%CVE-2021-26639HIGHWISA Smart Wing CMS File Download VulnerabilityEPSS 0.4%CVE-2019-19166HIGHTobesoft XPlatform Arbitrary File Execution VulnerabilityEPSS 0.4%CVE-2025-27593CRITICALRCE due to Device DriverEPSS 0.4%CVE-2023-27574—ShadowsocksX-NG 1.10.0 signs with com.apple.security.get-task-allow entitlements because of CODE_SIGNING_INJECT_BASE_ENTITLEMENTS.EPSS 0.4%CVE-2026-42248HIGHMissing Signature Verification for Updates in OllamaEPSS 0.4%CVE-2022-24117CRITICALCertain General Electric Renewable Energy products download firmware without an integrity check. This affects iNET and iNET II before 8.3.0,EPSS 0.4%CVE-2020-22654CRITICALIn Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, RuckusEPSS 0.3%CVE-2022-46428MEDIUMTP-Link TL-WR1043ND V1 3.13.15 and earlier allows authenticated attackers to execute arbitrary code or cause a Denial of Service (DoS) via uEPSS 0.3%CVE-2022-46430MEDIUMTP-Link TL-WR740N V1 and V2 v3.12.4 and earlier allows authenticated attackers to execute arbitrary code or cause a Denial of Service (DoS) EPSS 0.3%CVE-2020-22658CRITICALIn Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, RuckusEPSS 0.3%CVE-2023-27025HIGHAn arbitrary file download vulnerability in the background management module of RuoYi v4.7.6 and below allows attackers to download arbitrarEPSS 0.3%CVE-2023-46143HIGHPhoenix Contact: Classic line industrial controllers prone to inadequate integrity check of PLCEPSS 0.3%CVE-2023-5592HIGHPhoenix Contact: ProConOs prone to Download of Code Without Integrity CheckEPSS 0.3%CVE-2025-28236CRITICALNautel VX Series transmitters VX SW v6.4.0 and below was discovered to contain a remote code execution (RCE) vulnerability in the firmware uEPSS 0.3%CVE-2025-14265CRITICALImproper server-side validation in ScreenConnect extension frameworkEPSS 0.3%CVE-2025-57431HIGHThe Sound4 PULSE-ECO AES67 1.22 web-based management interface is vulnerable to Remote Code Execution (RCE) via a malicious firmware update EPSS 0.3%CVE-2023-37864HIGHPHOENIX CONTACT: WP 6xxx Web panels prone to download code without integrity checkEPSS 0.3%CVE-2026-9089HIGHThe ConnectWise Automate™ Agent does not fully verify the authenticity of components obtained during plugin loading and self-update operatioEPSS 0.3%CVE-2023-46144MEDIUMPHOENIX CONTACT: PLCnext Control prone to download of code without integrity checkEPSS 0.3%