21 matches found
EUVD-2025-36710
Razer Synapse 3 Chroma Connect Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Razer Synapse 3. An attacker must first obtain the ability to execute low-privileged code on the target system in...
CVE-2025-9871 Razer Synapse 3 Chroma Connect Link Following Local Privilege Escalation Vulnerability
Razer Synapse 3 Chroma Connect Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Razer Synapse 3. An attacker must first obtain the ability to execute low-privileged code on the target system in...
CVE-2025-9871
Razer Synapse 3 Chroma Connect Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Razer Synapse 3. An attacker must first obtain the ability to execute low-privileged code on the target system in...
Razer Synapse 3 后置链接漏洞
Razer Synapse 3 is a software application from Razer, Inc. cloud-based unified hardware configuration tool. Razer Synapse 3 suffers from a backlink vulnerability that stems from a symbolic linking issue in the Razer Chroma SDK installer, which could lead to elevation of privilege and arbitrary co...
EUVD-2020-8563
Malware in sbrugna...
Razer Synapse 3 Chroma Connect Link Following Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Razer Synapse 3. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Razer Chroma SDK...
Malicious code in com.razer.chromasdk (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b1ad926ddbb6413d05a3f45c0e214d6021452a02c31c62dc6b70cffd2c36c087 Any computer that has this package installed or running should be considered...
CVE-2020-16602
Razer Chroma SDK Rest Server through 3.12.17 allows remote attackers to execute arbitrary programs because there is a race condition in which a file created under "%PROGRAMDATA%\Razer Chroma\SDK\Apps" can be replaced before it is executed by the server. The attacker must have access to port 54236...
CVE-2021-30494
Multiple system services installed alongside the Razer Synapse 3 software suite perform privileged operations on entries within the Razer Chroma SDK subkey. These privileged operations consist of file name concatenation of a runtime log file that is used to store runtime log information. In other...
CVE-2021-30494
Multiple system services installed alongside the Razer Synapse 3 software suite perform privileged operations on entries within the Razer Chroma SDK subkey. These privileged operations consist of file name concatenation of a runtime log file that is used to store runtime log information. In other...
Design/Logic Flaw
Multiple system services installed alongside the Razer Synapse 3 software suite perform privileged operations on entries within the Razer Chroma SDK subkey. These privileged operations consist of file name concatenation of a runtime log file that is used to store runtime log information. In other...
CVE-2021-30494
Multiple system services installed alongside the Razer Synapse 3 software suite perform privileged operations on entries within the Razer Chroma SDK subkey. These privileged operations consist of file name concatenation of a runtime log file that is used to store runtime log information. In other...
CVE-2021-30494
The CVE-2021-30494 entry concerns Razer Synapse 3 and the Razer Chroma SDK. The connected documents describe that multiple system services installed with the Razer Synapse 3 suite perform privileged operations on entries within the Chroma SDK subkey, specifically involving file name concatenation...
Razer Chroma SDK Server 3.16.02 Race Condition
Exploit Title: Razer Chroma SDK Server 3.16.02 - Race Condition Remote File Execution Date: 2020-08-13 Exploit Author: Loke Hui Yi Vendor Homepage: https://razerid.razer.com Software Link: http://rzr.to/synapse-3-pc-download Version: , and create an exe file with the same application's name in th...
Razer Chroma SDK Server 3.16.02 - Race Condition Remote File Execution Exploit
Exploit Title: Razer Chroma SDK Server 3.16.02 - Race Condition Remote File Execution Exploit Author: Loke Hui Yi Vendor Homepage: https://razerid.razer.com Software Link: http://rzr.to/synapse-3-pc-download Version: , and create an exe file with the same application's name in that folder. The Ap...
Razer Chroma SDK Server 3.16.02 - Race Condition Remote File Execution
Exploit Title: Razer Chroma SDK Server 3.16.02 - Race Condition Remote File Execution Date: 2020-08-13 Exploit Author: Loke Hui Yi Vendor Homepage: https://razerid.razer.com Software Link: http://rzr.to/synapse-3-pc-download Version: , and create an exe file with the same application's name in th...
CVE-2020-16602
Razer Chroma SDK Rest Server through 3.12.17 allows remote attackers to execute arbitrary programs because there is a race condition in which a file created under "%PROGRAMDATA%\Razer Chroma\SDK\Apps" can be replaced before it is executed by the server. The attacker must have access to port 54236...
CVE-2020-16602
Razer Chroma SDK Rest Server through 3.12.17 allows remote attackers to execute arbitrary programs because there is a race condition in which a file created under "%PROGRAMDATA%\Razer Chroma\SDK\Apps" can be replaced before it is executed by the server. The attacker must have access to port 54236...
CVE-2020-16602
Razer Chroma SDK Rest Server through 3.12.17 allows remote attackers to execute arbitrary programs because there is a race condition in which a file created under "%PROGRAMDATA%\Razer Chroma\SDK\Apps" can be replaced before it is executed by the server. The attacker must have access to port 54236...
PT-2020-14874 · Razer · Razer Chroma Sdk Rest Server
Name of the Vulnerable Software and Affected Versions: Razer Chroma SDK Rest Server versions 3.12.17 and earlier Description: The issue allows remote attackers to execute arbitrary programs due to a race condition. This condition occurs when a file created under "%PROGRAMDATA%Razer ChromaSDKApps"...