Lucene search
K

132 matches found

OSV
OSV
added 2017/09/13 8:29 a.m.4 views

CVE-2017-14398

rzpnk.sys in Razer Synapse 2.20.15.1104 allows local users to read and write to arbitrary memory locations, and consequently gain privileges, via a methodology involving a handle to \Device\PhysicalMemory, IOCTL 0x22A064, and ZwMapViewOfSection...

7.8CVSS5.9AI score0.00288EPSS
Exploits0References1
Cvelist
Cvelist
added 2017/09/13 8:0 a.m.29 views

CVE-2017-14398

rzpnk.sys in Razer Synapse 2.20.15.1104 allows local users to read and write to arbitrary memory locations, and consequently gain privileges, via a methodology involving a handle to \Device\PhysicalMemory, IOCTL 0x22A064, and ZwMapViewOfSection...

7.5AI score0.00288EPSS
Exploits0References1
CNVD
CNVD
added 2017/08/21 12:0 a.m.5 views

Razer Synapse Local Elevation of Privilege Vulnerability

Razer Synapse is a Razer device configuration software from Razer USA. A security vulnerability exists in Razer Synapse 2.20.15.1104 and earlier versions, which stems from the program assigning weak privileges to the CrashReporter directory. A local attacker can exploit the vulnerability to gain...

8.4CVSS8.2AI score0.00411EPSS
Exploits0References1
CNVD
CNVD
added 2017/08/21 12:0 a.m.7 views

Razer Synapse Local Elevation of Privilege Vulnerability (CNVD-2017-29736)

Razer Synapse is a Razer device configuration software from Razer USA. A security vulnerability exists in Razer Synapse 2.20.15.1104 and earlier versions, which stems from the program assigning weak privileges to the Devices path. A local attacker can exploit this vulnerability to gain privileges...

7.8CVSS7.7AI score0.00358EPSS
Exploits0References1
NVD
NVD
added 2017/08/18 5:29 p.m.10 views

CVE-2017-11652

Razer Synapse 2.20.15.1104 and earlier uses weak permissions for the CrashReporter directory, which allows local users to gain privileges via a Trojan horse dbghelp.dll file...

8.4CVSS8.2AI score0.00411EPSS
Exploits0References1
OSV
OSV
added 2017/08/18 5:29 p.m.4 views

CVE-2017-11652

Razer Synapse 2.20.15.1104 and earlier uses weak permissions for the CrashReporter directory, which allows local users to gain privileges via a Trojan horse dbghelp.dll file...

8.4CVSS5.8AI score0.00411EPSS
Exploits0References1
OSV
OSV
added 2017/08/18 5:29 p.m.6 views

CVE-2017-11653

Razer Synapse 2.20.15.1104 and earlier uses weak permissions for the Devices directory, which allows local users to gain privileges via a Trojan horse 1 RazerConfigNative.dll or 2 RazerConfigNativeLOC.dll file...

7.8CVSS5.8AI score0.00358EPSS
Exploits0References1
NVD
NVD
added 2017/08/18 5:29 p.m.22 views

CVE-2017-11653

Razer Synapse 2.20.15.1104 and earlier uses weak permissions for the Devices directory, which allows local users to gain privileges via a Trojan horse 1 RazerConfigNative.dll or 2 RazerConfigNativeLOC.dll file...

7.8CVSS7.7AI score0.00358EPSS
Exploits0References1
Prion
Prion
added 2017/08/18 5:29 p.m.13 views

Design/Logic Flaw

Razer Synapse 2.20.15.1104 and earlier uses weak permissions for the Devices directory, which allows local users to gain privileges via a Trojan horse 1 RazerConfigNative.dll or 2 RazerConfigNativeLOC.dll file...

4.6CVSS7.6AI score0.00358EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2017/08/18 5:29 p.m.12 views

Design/Logic Flaw

Razer Synapse 2.20.15.1104 and earlier uses weak permissions for the CrashReporter directory, which allows local users to gain privileges via a Trojan horse dbghelp.dll file...

4.6CVSS8.1AI score0.00411EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2017/08/18 5:0 p.m.44 views

CVE-2017-11652

Razer Synapse 2.20.15.1104 and earlier suffer weak permissions on the CrashReporter directory, enabling local attackers to gain privileges by dropping a malicious dbghelp.dll. Affected component: CrashReporter handling in Razer Synapse; root cause: insecure directory permissions facilitating DLL ...

8.4CVSS8.1AI score0.00411EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2017/08/18 5:0 p.m.20 views

CVE-2017-11652

Razer Synapse 2.20.15.1104 and earlier uses weak permissions for the CrashReporter directory, which allows local users to gain privileges via a Trojan horse dbghelp.dll file...

8.2AI score0.00411EPSS
Exploits0References1
Cvelist
Cvelist
added 2017/08/18 5:0 p.m.19 views

CVE-2017-11653

Razer Synapse 2.20.15.1104 and earlier uses weak permissions for the Devices directory, which allows local users to gain privileges via a Trojan horse 1 RazerConfigNative.dll or 2 RazerConfigNativeLOC.dll file...

7.7AI score0.00358EPSS
Exploits0References1
CVE
CVE
added 2017/08/18 5:0 p.m.51 views

CVE-2017-11653

CVE-2017-11653 affects Razer Synapse 2.20.15.1104 and earlier. The vulnerability arises from weak permissions on the Devices directory, enabling local privilege escalation via a trojan horse using one of two DLLs: RazerConfigNative.dll or RazerConfigNativeLOC.dll. The impact is local privilege es...

7.8CVSS7.6AI score0.00358EPSS
Exploits0References1Affected Software1
CNVD
CNVD
added 2017/08/04 12:0 a.m.6 views

Razer Synapse rzpnk.sys Driver Elevation of Privilege Vulnerability

Razer Synapse is a Razer device configuration software from Razer USA. A security vulnerability in the Razer Synapse rzpnk.sys driver allows remote attackers to exploit the vulnerability to submit specially crafted IOCTL requests for elevated privileges...

10CVSS9.1AI score0.85539EPSS
Exploits5References1
CNVD
CNVD
added 2017/08/04 12:0 a.m.3 views

Razer Synapse rzpnk.sys Driver Out-of-Bounds Read Vulnerability

Razer Synapse is a Razer device configuration software from Razer USA. A security vulnerability in the Razer Synapse rzpnk.sys driver allows remote attackers to exploit the vulnerability by submitting specially crafted IOCTL requests to read memory out-of-bounds, resulting in a denial-of-service...

5.5CVSS5.5AI score0.00332EPSS
Exploits1References1
OSV
OSV
added 2017/08/02 7:29 p.m.6 views

CVE-2017-9769

A specially crafted IOCTL can be issued to the rzpnk.sys driver in Razer Synapse 2.20.15.1104 that is forwarded to ZwOpenProcess allowing a handle to be opened to an arbitrary process...

9.8CVSS5.9AI score0.85539EPSS
Exploits5References3
NVD
NVD
added 2017/08/02 7:29 p.m.13 views

CVE-2017-9770

A specially crafted IOCTL can be issued to the rzpnk.sys driver in Razer Synapse that can cause an out of bounds read operation to occur due to a field within the IOCTL data being used as a length...

5.5CVSS5.4AI score0.00332EPSS
Exploits1References1
NVD
NVD
added 2017/08/02 7:29 p.m.21 views

CVE-2017-9769

A specially crafted IOCTL can be issued to the rzpnk.sys driver in Razer Synapse 2.20.15.1104 that is forwarded to ZwOpenProcess allowing a handle to be opened to an arbitrary process...

10CVSS9.3AI score0.85539EPSS
Exploits5References3
Prion
Prion
added 2017/08/02 7:29 p.m.13 views

Out-of-bounds

A specially crafted IOCTL can be issued to the rzpnk.sys driver in Razer Synapse that can cause an out of bounds read operation to occur due to a field within the IOCTL data being used as a length...

2.1CVSS6.9AI score0.00332EPSS
Exploits1References1
Rows per page
Query Builder