132 matches found
CVE-2017-14398
rzpnk.sys in Razer Synapse 2.20.15.1104 allows local users to read and write to arbitrary memory locations, and consequently gain privileges, via a methodology involving a handle to \Device\PhysicalMemory, IOCTL 0x22A064, and ZwMapViewOfSection...
CVE-2017-14398
rzpnk.sys in Razer Synapse 2.20.15.1104 allows local users to read and write to arbitrary memory locations, and consequently gain privileges, via a methodology involving a handle to \Device\PhysicalMemory, IOCTL 0x22A064, and ZwMapViewOfSection...
Razer Synapse Local Elevation of Privilege Vulnerability
Razer Synapse is a Razer device configuration software from Razer USA. A security vulnerability exists in Razer Synapse 2.20.15.1104 and earlier versions, which stems from the program assigning weak privileges to the CrashReporter directory. A local attacker can exploit the vulnerability to gain...
Razer Synapse Local Elevation of Privilege Vulnerability (CNVD-2017-29736)
Razer Synapse is a Razer device configuration software from Razer USA. A security vulnerability exists in Razer Synapse 2.20.15.1104 and earlier versions, which stems from the program assigning weak privileges to the Devices path. A local attacker can exploit this vulnerability to gain privileges...
CVE-2017-11652
Razer Synapse 2.20.15.1104 and earlier uses weak permissions for the CrashReporter directory, which allows local users to gain privileges via a Trojan horse dbghelp.dll file...
CVE-2017-11652
Razer Synapse 2.20.15.1104 and earlier uses weak permissions for the CrashReporter directory, which allows local users to gain privileges via a Trojan horse dbghelp.dll file...
CVE-2017-11653
Razer Synapse 2.20.15.1104 and earlier uses weak permissions for the Devices directory, which allows local users to gain privileges via a Trojan horse 1 RazerConfigNative.dll or 2 RazerConfigNativeLOC.dll file...
CVE-2017-11653
Razer Synapse 2.20.15.1104 and earlier uses weak permissions for the Devices directory, which allows local users to gain privileges via a Trojan horse 1 RazerConfigNative.dll or 2 RazerConfigNativeLOC.dll file...
Design/Logic Flaw
Razer Synapse 2.20.15.1104 and earlier uses weak permissions for the Devices directory, which allows local users to gain privileges via a Trojan horse 1 RazerConfigNative.dll or 2 RazerConfigNativeLOC.dll file...
Design/Logic Flaw
Razer Synapse 2.20.15.1104 and earlier uses weak permissions for the CrashReporter directory, which allows local users to gain privileges via a Trojan horse dbghelp.dll file...
CVE-2017-11652
Razer Synapse 2.20.15.1104 and earlier suffer weak permissions on the CrashReporter directory, enabling local attackers to gain privileges by dropping a malicious dbghelp.dll. Affected component: CrashReporter handling in Razer Synapse; root cause: insecure directory permissions facilitating DLL ...
CVE-2017-11652
Razer Synapse 2.20.15.1104 and earlier uses weak permissions for the CrashReporter directory, which allows local users to gain privileges via a Trojan horse dbghelp.dll file...
CVE-2017-11653
Razer Synapse 2.20.15.1104 and earlier uses weak permissions for the Devices directory, which allows local users to gain privileges via a Trojan horse 1 RazerConfigNative.dll or 2 RazerConfigNativeLOC.dll file...
CVE-2017-11653
CVE-2017-11653 affects Razer Synapse 2.20.15.1104 and earlier. The vulnerability arises from weak permissions on the Devices directory, enabling local privilege escalation via a trojan horse using one of two DLLs: RazerConfigNative.dll or RazerConfigNativeLOC.dll. The impact is local privilege es...
Razer Synapse rzpnk.sys Driver Elevation of Privilege Vulnerability
Razer Synapse is a Razer device configuration software from Razer USA. A security vulnerability in the Razer Synapse rzpnk.sys driver allows remote attackers to exploit the vulnerability to submit specially crafted IOCTL requests for elevated privileges...
Razer Synapse rzpnk.sys Driver Out-of-Bounds Read Vulnerability
Razer Synapse is a Razer device configuration software from Razer USA. A security vulnerability in the Razer Synapse rzpnk.sys driver allows remote attackers to exploit the vulnerability by submitting specially crafted IOCTL requests to read memory out-of-bounds, resulting in a denial-of-service...
CVE-2017-9769
A specially crafted IOCTL can be issued to the rzpnk.sys driver in Razer Synapse 2.20.15.1104 that is forwarded to ZwOpenProcess allowing a handle to be opened to an arbitrary process...
CVE-2017-9770
A specially crafted IOCTL can be issued to the rzpnk.sys driver in Razer Synapse that can cause an out of bounds read operation to occur due to a field within the IOCTL data being used as a length...
CVE-2017-9769
A specially crafted IOCTL can be issued to the rzpnk.sys driver in Razer Synapse 2.20.15.1104 that is forwarded to ZwOpenProcess allowing a handle to be opened to an arbitrary process...
Out-of-bounds
A specially crafted IOCTL can be issued to the rzpnk.sys driver in Razer Synapse that can cause an out of bounds read operation to occur due to a field within the IOCTL data being used as a length...