835 matches found
Mate Security Introduces the Security Context Graph, an Approach to Smarter SOCs
New York, USA, 17th February 2026, CyberNewswire...
CVE-2021-22307
There is a weak algorithm vulnerability in Mate 3010.0.0.203C00E201R7P2. The protection is insufficient for the modules that should be protected. Local attackers can exploit this vulnerability to affect the integrity of certain module...
CVE-2021-22301
Mate 30 10.0.0.203C00E201R7P2 have a buffer overflow vulnerability. After obtaining the root permission, an attacker can exploit the vulnerability to cause buffer overflow...
CVE-2021-22440
There is a path traversal vulnerability in some Huawei products. The vulnerability is due to that the software uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the software does not properly...
CVE-2021-22305
There is a buffer overflow vulnerability in Mate 30 10.1.0.126C00E125R5P3. A module does not verify the some input when dealing with messages. Attackers can exploit this vulnerability by sending malicious input through specific module. This could cause buffer overflow, compromising normal service...
CVE-2021-22364
There is a denial of service vulnerability in the versions 10.1.0.126C00E125R5P3 of HUAWEI Mate 30 and 10.1.0.152C00E136R7P2 of HUAWEI Mate 30 5G . A module does not verify certain parameters sufficiently and it leads to some exceptions. Successful exploit could cause a denial of service conditio...
CVE-2021-22306
There is an out-of-bound read vulnerability in Mate 30 10.0.0.182C00E180R6P2. A module does not verify the some input when dealing with messages. Attackers can exploit this vulnerability by sending malicious input through specific module. This could cause out-of-bound, compromising normal service...
PT-2026-26143
HTSlib is a library for reading and writing bioinformatics file formats. CRAM is a compressed format which stores DNA sequence alignment data. In the cram decode slice function called while reading CRAM records, the value of the mate reference id field was not validated. Later use of this value,...
CVE-2025-34501
Deck Mate 2 ships with static, hard-coded credentials for the root shell and web UI, and exposes multiple management services by default (SSH, HTTP, Telnet, SMB, X11). An attacker with local or near-local access (e.g., USB or Ethernet ports under the table) can login as admin and gain full contro...
PT-2025-44802
Name of the Vulnerable Software and Affected Versions Deck Mate 2 affected versions not specified Description Deck Mate 2 is shipped with pre-set, unchanging credentials for both the root shell and the web user interface. Multiple management services, including SSH, HTTP, Telnet, SMB, and X11, ar...
Light & Wonder Deck Mate 安全漏洞
Light & Wonder Deck Mate is an automated licensing device from Light & Wonder UK. A security vulnerability exists in the Light & Wonder Deck Mate that stems from the use of hard-coded credentials and the enabling of multiple management services by default, which could lead to unauthorized...
CVE-2025-34503
Deck Mate 1 executes firmware directly from an external EEPROM without verifying authenticity or integrity. An attacker with physical access can replace or reflash the EEPROM to run arbitrary code that persists across reboots. Because this design predates modern secure-boot or signed-update...
CVE-2025-34503
Deck Mate 1 executes firmware directly from an external EEPROM without verifying authenticity or integrity. An attacker with physical access can replace or reflash the EEPROM to run arbitrary code that persists across reboots. Because this design predates modern secure-boot or signed-update...
CVE-2025-34503 Shuffle Master Deck Mate 1 Unauthenticated EEPROM Firmware Execution
Deck Mate 1 executes firmware directly from an external EEPROM without verifying authenticity or integrity. An attacker with physical access can replace or reflash the EEPROM to run arbitrary code that persists across reboots. Because this design predates modern secure-boot or signed-update...
CVE-2025-34502 Shuffle Master Deck Mate 2 Missing Secure Boot
Deck Mate 2 lacks a verified secure-boot chain and runtime integrity validation for its controller and display modules. Without cryptographic boot verification, an attacker with physical access can modify or replace the bootloader, kernel, or filesystem and gain persistent code execution on reboo...
CVE-2025-34502 Shuffle Master Deck Mate 2 Missing Secure Boot
Deck Mate 2 lacks a verified secure-boot chain and runtime integrity validation for its controller and display modules. Without cryptographic boot verification, an attacker with physical access can modify or replace the bootloader, kernel, or filesystem and gain persistent code execution on reboo...
CVE-2025-34502
The CVE-2025-34502 entry affects Deck Mate 2 by lacking a verified secure-boot chain and runtime integrity validation for its controller and display modules. This allows a physically proximate attacker to modify or replace the bootloader, kernel, or filesystem, enabling persistent code execution ...
CVE-2025-34500 Shuffle Master Deck Mate 2 Insecure Update Chain
Deck Mate 2's firmware update mechanism accepts packages without cryptographic signature verification, encrypts them with a single hard-coded AES key shared across devices, and uses a truncated HMAC for integrity validation. Attackers with access to the update interface - typically via the unit's...
CVE-2025-34500 Shuffle Master Deck Mate 2 Insecure Update Chain
Deck Mate 2's firmware update mechanism accepts packages without cryptographic signature verification, encrypts them with a single hard-coded AES key shared across devices, and uses a truncated HMAC for integrity validation. Attackers with access to the update interface - typically via the unit's...
CVE-2025-34500
CVE-2025-34500 affects Deck Mate 2. The firmware update mechanism accepts unsigned packages, uses a single hard-coded AES key for encryption, and applies a truncated HMAC for integrity, enabling an attacker with USB/update-interface access to craft/modify firmware to execute arbitrary code as roo...