In Spring Framework, versions 5.2.x prior to 5.2.3, versions 5.1.x prior to 5.1.13, and version…

Data Integrity Failure in 'Backup Config' in D-Link DNR-322L <= 2.60B15 allows an authenticated…

Bundler 1.16.0 through 2.2.9 and 2.2.11 through 2.2.16 sometimes chooses a dependency source ba…

TrueConf Client downloads application update code and applies it without performing verificatio…

The interactive installer in PostgreSQL before 9.3.15, 9.4.x before 9.4.10, and 9.5.x before 9.…

The Miss Marple Updater Service in COMPAREX Miss Marple Enterprise Edition before 2.0 allows re…

SHDesigns' Resident Download Manager provides firmware update capabilities for Rabbit 2000/3000…

Android devices with code from Ragentek contain a privileged binary that performs over-the-air …

Symantec LiveUpdate before 1.6 does not use cryptography to ensure the integrity of download fi…

Caphyon Ltd Advanced Installer 19.3 and earlier and many products that use the updater from Adv…

ZZ Inc. KeyMouse Windows 3.08 and prior is affected by a remote code execution vulnerability du…

<p>A remote code execution vulnerability exists in Microsoft SharePoint when the software fails…

<p>A remote code execution vulnerability exists in Microsoft SharePoint when the software fails…

<p>A remote code execution vulnerability exists in Microsoft SharePoint where APIs aren't prope…

The S. Siedle & Soehne SG 150-0 Smart Gateway before 1.2.4 allows remote code execution via the…

<p>A remote code execution vulnerability exists in Microsoft SharePoint when the software fails…

<p>A remote code execution vulnerability exists in Microsoft SharePoint when the software fails…

Certain EMCO Software products are affected by: CWE-494: Download of Code Without Integrity Che…

<p>A remote code execution vulnerability exists in Microsoft SharePoint when the software fails…

An arbitrary file download vulnerability in Oliver v5 Library Server Versions < 5.00.008.053 vi…

The Zoom Client for Meetings for Windows before version 5.10.0 and Zoom Rooms for Conference Ro…

OpenStack Heat Templates (heat-templates), as used in Red Hat Enterprise Linux OpenStack Platfo…

The PartyGaming PartyPoker client program 121/120 does not properly verify the authenticity of …

Notepad++ versions prior to 8.8.9, when using the WinGUp updater, contain an update integrity v…

File downloads encoded with "blob:" and "data:" URL elements bypassed normal file download chec…

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected inst…

Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 downloads phone application…

A flaw was found in New Horizon Datasys bootloaders before 2022-06-01. An attacker may use this…

A CWE-494: Download of Code Without Integrity Check vulnerability exists in PLC Simulator on Ec…

The ABB CP635 HMI uses two different transmission methods to upgrade its firmware and its softw…

MajorDoMo (aka Major Domestic Module) is vulnerable to unauthenticated remote code execution th…

Barco wePresent WiPG-1600W devices download code without an Integrity Check. Affected Version(s…

The PrinterLogic Print Management software, versions up to and including 18.3.1.96, updates and…

RouterOS 6.45.6 Stable, RouterOS 6.44.5 Long-term, and below insufficiently validate where upgr…

Improper Input Validation in Teltonika firmware TRB2_R_00.02.04.01 allows a remote, authenticat…

Gurux GXDLMS Director prior to 8.5.1905.1301 downloads updates to add-ins and OBIS code over an…

Yes24ViewerX ActiveX Control 1.0.327.50126 and earlier versions contains a vulnerability that c…

Tencent GameLoop before 4.1.21.90 downloaded updates over an insecure HTTP connection. A malici…

Download of Code Without Integrity Check vulnerability in Apache Doris. The jdbc driver files u…

Printchaser v2.2021.804.1 and earlier versions contain a vulnerability, which could allow remot…