Lucene search
+L

940 matches found

euvd
euvd
added 2026/02/27 6:31 a.m.8 views

EUVD-2026-8994

Since the encryption algorithm used to protect firmware updates is itself encrypted using key material available to an attacker or anyone paying attention, the firmware updates may be altered by an unauthorized user, and then trusted by a Unitree product, such as the Unitree Go2 and other models...

7.8CVSS5.5AI score0.00153EPSS
Exploits1References5
nvd
nvd
added 2026/02/27 5:18 a.m.10 views

CVE-2026-1442

Since the encryption algorithm used to protect firmware updates is itself encrypted using key material available to an attacker or anyone paying attention, the firmware updates may be altered by an unauthorized user, and then trusted by a Unitree product, such as the Unitree Go2 and other models...

7.8CVSS0.00153EPSS
Exploits1References4
vulnrichment
vulnrichment
added 2026/02/27 4:28 a.m.5 views

CVE-2026-1442 Unitree UPK files Hard-Coded Key

Since the encryption algorithm used to protect firmware updates is itself encrypted using key material available to an attacker or anyone paying attention, the firmware updates may be altered by an unauthorized user, and then trusted by a Unitree product, such as the Unitree Go2 and other models...

7.8CVSS5.9AI score0.00153EPSS
Exploits1References4
attackerkb
attackerkb
added 2026/02/27 4:28 a.m.6 views

CVE-2026-1442

Since the encryption algorithm used to protect firmware updates is itself encrypted using key material available to an attacker or anyone paying attention, the firmware updates may be altered by an unauthorized user, and then trusted by a Unitree product, such as the Unitree Go2 and other models...

7.8CVSS5.7AI score0.00153EPSS
Exploits1References4
cvelist
cvelist
added 2026/02/27 4:28 a.m.28 views

CVE-2026-1442 Unitree UPK files Hard-Coded Key

Since the encryption algorithm used to protect firmware updates is itself encrypted using key material available to an attacker or anyone paying attention, the firmware updates may be altered by an unauthorized user, and then trusted by a Unitree product, such as the Unitree Go2 and other models...

7.8CVSS0.00153EPSS
Exploits1References4
cve
cve
added 2026/02/27 4:28 a.m.28 views

CVE-2026-1442

CVE-2026-1442 describes a vulnerability in Unitree firmware update protection where the algorithm used to protect firmware updates is itself encrypted with key material accessible to an attacker. This could allow an unauthorized user to alter firmware updates and have them trusted by Unitree prod...

7.8CVSS5.4AI score0.00153EPSS
Exploits1References4Affected Software1
nvd
nvd
added 2026/02/27 1:16 a.m.11 views

CVE-2026-25195

An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on the system by supplying a crafted firmware update file via the firmware update route...

8CVSS0.01447EPSS
Exploits0References3
osv
osv
added 2026/02/27 1:16 a.m.5 views

CVE-2026-20910

An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on the system by injecting malicious input into the devices field of the firmware update update action to achieve remote code execution...

8.8CVSS6.5AI score0.01489EPSS
Exploits0References3
cnnvd
cnnvd
added 2026/02/27 12:0 a.m.8 views

Copeland多款产品 操作系统命令注入漏洞

Copeland XWEB PRO, among others, are advanced commercial and industrial refrigeration monitoring and management systems developed by the American company Copeland. Several Copeland products have vulnerabilities related to OS command injection. This vulnerability stems from OS commands injected in...

8.8CVSS6.2AI score0.01518EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2026/02/27 12:0 a.m.14 views

PT-2026-22294

Name of the Vulnerable Software and Affected Versions Unitree Go2 and other models versions affected versions not specified Description The encryption algorithm used to protect firmware updates is encrypted using key material accessible to attackers. This allows unauthorized modification of...

7.8CVSS5.9AI score0.00153EPSS
Exploits1References14
cnnvd
cnnvd
added 2026/02/27 12:0 a.m.9 views

Copeland多款产品 操作系统命令注入漏洞

Copeland XWEB 300D PRO, among others, are advanced commercial and industrial refrigeration monitoring and management systems developed by the American company Copeland. Several Copeland products have vulnerabilities related to operating system command injection. These vulnerabilities stem from...

8.8CVSS6.2AI score0.01489EPSS
Exploits0References3
cnnvd
cnnvd
added 2026/02/27 12:0 a.m.9 views

Copeland多款产品 操作系统命令注入漏洞

Both the Copeland XWEB 500D PRO and Copeland XWEB 500B PRO are advanced commercial and industrial refrigeration monitoring and management systems from the American company Copeland. Several Copeland products have a vulnerability related to operating system command injection. This vulnerability...

8CVSS6.2AI score0.01447EPSS
Exploits0References3
redhatcve
redhatcve
added 2026/02/13 1:22 p.m.7 views

CVE-2025-15575

The firmware update functionality does not verify the authenticity of the supplied firmware update files. This allows attackers to flash malicious firmware update files on the device. Initial analysis of the firmware update functionality does not show any cryptographic checks e.g. digital signatu...

5.3CVSS5.5AI score0.00123EPSS
Exploits0References1
nvd
nvd
added 2026/02/12 11:15 a.m.6 views

CVE-2025-15575

The firmware update functionality does not verify the authenticity of the supplied firmware update files. This allows attackers to flash malicious firmware update files on the device. Initial analysis of the firmware update functionality does not show any cryptographic checks e.g. digital signatu...

5.3CVSS0.00123EPSS
Exploits0References1
cve
cve
added 2026/02/12 10:51 a.m.31 views

CVE-2025-15575

The CVE-2025-15575 issue affects Solax Power Pocket WiFi. The firmware update functionality does not verify the authenticity of supplied firmware update files and lacks cryptographic checks (e.g., digital signatures). ESP32 security features such as secure boot are not used. Root cause: no authen...

5.3CVSS5.5AI score0.00123EPSS
Exploits0References1
hp
hp
added 2026/02/10 12:0 a.m.14 views

AMD Processors February 2026 Security Update

AMD has informed HP of potential vulnerabilities in certain AMD Athlon™, AMD Ryzen™, and AMD Ryzen™ Embedded Processors, which might allow escalation of privilege, arbitrary code execution, kernel memory corruption, denial of service, loss of confidentiality, loss of integrity, loss of...

7.3CVSS5.9AI score0.00177EPSS
Exploits0Affected Software291
hp
hp
added 2026/02/10 12:0 a.m.58 views

Intel Processor Firmware February 2026 Security Update

Intel has informed HP of a potential security vulnerability in some Intel® Processors, which might allow escalation of privilege. Intel is releasing microcode updates to mitigate this potential vulnerability. Intel has released updates to mitigate the potential vulnerability. HP has identified...

3.9CVSS5.5AI score0.00133EPSS
Exploits0Affected Software232
hp
hp
added 2026/02/10 12:0 a.m.100 views

Intel Chipset Firmware February 2026 Security Update

Intel has informed HP of potential security vulnerabilities in some Intel® Converged Security and Management Engine Intel® CSME, some Intel® Active Management Technology Intel® AMT, and some Intel® Standard Manageability, which might allow denial of service or information disclosure. Intel is...

8.7CVSS5.6AI score0.00274EPSS
Exploits0Affected Software540
intel
intel
added 2026/02/10 12:0 a.m.41 views

2026.1 IPU, Intel® Chipset Firmware Advisory

Summary: Potential security vulnerabilities in some Intel® Converged Security and Management Engine Intel® CSME, some Intel® Active Management Technology Intel® AMT, and some Intel® Standard Manageability may allow denial of service or information disclosure. Intel is releasing firmware updates t...

8.7CVSS5.4AI score0.00274EPSS
Exploits0
intel
intel
added 2026/02/10 12:0 a.m.15 views

2026.1 IPU,  Intel® Trust Domain Extensions (Intel® TDX) module Advisory

Summary: Potential security vulnerabilities for some Intel® TDX modules may allow information disclosure, escalation of privilege, or denial of service. Intel is releasing firmware updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2025-30513 Description: Race...

8.3CVSS5.6AI score0.00122EPSS
Exploits0
Rows per page
Query Builder