CWE-353
31 CVEs classified under CWE-353. Browse by severity and year.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-45787 | Critical | 9.1 | 2026-05-28 | electerm is an open-sourced terminal/ssh/sftp/telnet/serialport/RDP/VNC/Spice/ftp client. Prior to 3.9.5, deterministic AES-192-CBC with a fixed zero IV, const… |
CVE-2021-26608 | High | 8.8 | 2021-09-09 | An arbitrary file download and execution vulnerability was found in the HShell.dll of handysoft Co., Ltd groupware ActiveX module. This issue is due to missing… |
CVE-2020-7810 | High | 8.8 | 2020-08-07 | hslogin2.dll ActiveX Control in Groupware contains a vulnerability that could allow remote files to be downloaded and executed by setting the arguments to the… |
CVE-2020-10266 | High | 8.8 | 2020-04-06 | UR+ (Universal Robots+) is a platform of hardware and software component sellers, for Universal Robots robots. When installing any of these components in the r… |
CVE-2020-7808 | High | 8.7 | 2020-05-21 | In RAONWIZ K Upload v2018.0.2.51 and prior, automatic update processing without integrity check on update module(web.js) allows an attacker to modify arguments… |
CVE-2019-11480 | High | 8.4 | 2020-04-14 | The pc-kernel snap build process hardcoded the --allow-insecure-repositories and --allow-unauthenticated apt options when creating the build chroot environment… |
CVE-2021-28545 | High | 8.1 | 2021-04-01 | Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are missing support for an inte… |
CVE-2019-12804 | High | 7.8 | 2019-07-10 | In Hunesion i-oneNet version 3.0.7 ~ 3.0.53 and 4.0.4 ~ 4.0.16, due to the lack of update file integrity checking in the upgrade process, an attacker can craft… |
CVE-2023-32475 | High | 7.6 | 2024-06-07 | Dell BIOS contains a missing support for integrity check vulnerability. An attacker with physical access to the system could potentially bypass security mechan… |
CVE-2025-15364 | High | 7.3 | 2026-01-06 | The Download Manager plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 3.3.40. This is due… |
CVE-2025-48500 | High | 7.3 | 2025-08-13 | A missing file integrity check vulnerability exists on MacOS F5 VPN browser client installer that may allow a local, authenticated attacker with access to the… |
CVE-2021-26610 | High | 7.2 | 2021-10-27 | The move_uploaded_file function in godomall5 does not perform an integrity check of extension or authority when user upload file. This vulnerability allows an… |
CVE-2026-42428 | High | 7.1 | 2026-04-28 | OpenClaw versions before 2026.4.8 fail to enforce integrity verification on downloaded plugin archives. Attackers can install malicious or tampered plugin pack… |
CVE-2025-48811 | Medium | 6.7 | 2025-07-08 | Missing support for integrity check in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to elevate privileges locally. |
CVE-2025-48803 | Medium | 6.7 | 2025-07-08 | Missing support for integrity check in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to elevate privileges locally. |
CVE-2021-38396 | Medium | 6.5 | 2021-10-04 | The programmer installation utility does not perform a cryptographic authenticity or integrity checks of the software on the flash drive. An attacker could lev… |
CVE-2021-28546 | Medium | 6.5 | 2021-04-01 | Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are missing support for an inte… |
CVE-2022-24404 | Medium | 5.9 | 2023-10-19 | Lack of cryptographic integrity check on TETRA air-interface encrypted traffic. Since a stream cipher is employed, this allows an active adversary to manipulat… |
CVE-2022-2793 | Medium | 5.9 | 2022-08-19 | Emerson Electric's Proficy Machine Edition Version 9.00 and prior is vulenrable to CWE-353 Missing Support for Integrity Check, and has no authentication or au… |
CVE-2019-19160 | Medium | 5.7 | 2020-06-29 | Reportexpress ProPlus contains a vulnerability that could allow an arbitrary code execution by inserted VBscript into the configure file(rxp). |