Lucene search
K

132 matches found

Prion
Prion
added 2023/09/14 10:15 p.m.21 views

Race condition

Razer Synapse through 3.7.1209.121307 allows privilege escalation due to an unsafe installation path and improper privilege management. Attackers can place DLLs into %PROGRAMDATA%\Razer\Synapse3\Service\bin if they do so before the service is installed and if they deny write access for the SYSTEM...

3.5CVSS7AI score0.00378EPSS
Exploits2References3Affected Software1
Cvelist
Cvelist
added 2023/09/14 12:0 a.m.24 views

CVE-2022-47631

Razer Synapse through 3.7.1209.121307 allows privilege escalation due to an unsafe installation path and improper privilege management. Attackers can place DLLs into %PROGRAMDATA%\Razer\Synapse3\Service\bin if they do so before the service is installed and if they deny write access for the SYSTEM...

7.9AI score0.00378EPSS
Exploits2References3
AlpineLinux
AlpineLinux
added 2023/09/14 12:0 a.m.29 views

CVE-2022-47631

Razer Synapse through 3.7.1209.121307 allows privilege escalation due to an unsafe installation path and improper privilege management. Attackers can place DLLs into %PROGRAMDATA%\Razer\Synapse3\Service\bin if they do so before the service is installed and if they deny write access for the SYSTEM...

7.8CVSS7.3AI score0.00378EPSS
Exploits2References3
CVE
CVE
added 2023/09/14 12:0 a.m.40 views

CVE-2022-47631

CVE-2022-47631 affects Razer Synapse up to version 3.7.1209.121307 (and earlier). The issue is a time‑of‑check/time‑of‑use race involving an unsafe installation path and improper privilege management that allows local users to escalate to administrator by replacing a legitimate DLL in %PROGRAMDAT...

7.8CVSS7.6AI score0.00378EPSS
Exploits2References3Affected Software1
Positive Technologies
Positive Technologies
added 2023/08/31 12:0 a.m.6 views

PT-2023-15443 · Razer · Razer Synapse

Name of the Vulnerable Software and Affected Versions: Razer Synapse versions 3.7.1209.121307 and earlier Description: The issue allows for privilege escalation due to an unsafe installation path and improper privilege management. Attackers can place DLLs into %PROGRAMDATA%RazerSynapse3Servicebin...

7.8CVSS7.5AI score0.00378EPSS
Exploits2References7
0day.today
0day.today
added 2023/01/30 12:0 a.m.532 views

Razer Synapse 3.7.0731.072516 Local Privilege Escalation Vulnerability

Product: Razer Synapse Manufacturer: Razer Inc. Affected Versions: Versions before 3.7.0830.081906 Tested Versions: 3.7.0731.072516 Vulnerability Type: Improper Certificate Validation CWE-295 Risk Level: High Solution Status: Open Manufacturer Notification: 2022-08-02 Solution Date: 2022-09-06...

7.3CVSS0.9AI score0.00889EPSS
Exploits6
NVD
NVD
added 2023/01/27 3:15 p.m.28 views

CVE-2022-47632

Razer Synapse before 3.7.0830.081906 allows privilege escalation due to an unsafe installation path, improper privilege management, and improper certificate validation. Attackers can place malicious DLLs into %PROGRAMDATA%\Razer\Synapse3\Service\bin if they do so before the service is installed a...

6.8CVSS6.9AI score0.00633EPSS
Exploits4References5
OSV
OSV
added 2023/01/27 3:15 p.m.4 views

CVE-2022-47632

Razer Synapse before 3.7.0830.081906 allows privilege escalation due to an unsafe installation path, improper privilege management, and improper certificate validation. Attackers can place malicious DLLs into %PROGRAMDATA%\Razer\Synapse3\Service\bin if they do so before the service is installed a...

6.8CVSS5.8AI score0.00633EPSS
Exploits4References5
Prion
Prion
added 2023/01/27 3:15 p.m.23 views

Privilege escalation

Razer Synapse before 3.7.0830.081906 allows privilege escalation due to an unsafe installation path, improper privilege management, and improper certificate validation. Attackers can place malicious DLLs into %PROGRAMDATA%\Razer\Synapse3\Service\bin if they do so before the service is installed a...

4.6CVSS7.1AI score0.00633EPSS
Exploits4References5Affected Software1
Vulnrichment
Vulnrichment
added 2023/01/27 12:0 a.m.14 views

CVE-2022-47632

Razer Synapse before 3.7.0830.081906 allows privilege escalation due to an unsafe installation path, improper privilege management, and improper certificate validation. Attackers can place malicious DLLs into %PROGRAMDATA%\Razer\Synapse3\Service\bin if they do so before the service is installed a...

7.1AI score0.00633EPSS
Exploits4References5
Packet Storm
Packet Storm
added 2023/01/27 12:0 a.m.424 views

Razer Synapse 3.7.0731.072516 Local Privilege Escalation

Advisory ID: SYSS-2022-047 Product: Razer Synapse Manufacturer: Razer Inc. Affected Versions: Versions before 3.7.0830.081906 Tested Versions: 3.7.0731.072516 Vulnerability Type: Improper Certificate Validation CWE-295 Risk Level: High Solution Status: Open Manufacturer Notification: 2022-08-02...

7.3CVSS0.4AI score0.00889EPSS
Exploits6
Cvelist
Cvelist
added 2023/01/27 12:0 a.m.39 views

CVE-2022-47632

Razer Synapse before 3.7.0830.081906 allows privilege escalation due to an unsafe installation path, improper privilege management, and improper certificate validation. Attackers can place malicious DLLs into %PROGRAMDATA%\Razer\Synapse3\Service\bin if they do so before the service is installed a...

7AI score0.00633EPSS
Exploits4References5
CNNVD
CNNVD
added 2023/01/27 12:0 a.m.33 views

Razer Synapse 代码问题漏洞

Razer Synapse is an application from Razer, Inc. designed to configure and customize Razer's line of hardware. A security vulnerability exists in versions prior to Razer Synapse 3.7.0830.081906 that stems from its insecure installation path, improper privilege management, and improper certificate...

6.8CVSS6.8AI score0.00633EPSS
Exploits4References9
CVE
CVE
added 2023/01/27 12:0 a.m.51 views

CVE-2022-47632

CVE-2022-47632 affects Razer Synapse pre-3.7.0830.081906. The vulnerability stems from an unsafe installation path, improper privilege management, and improper certificate validation that enables DLL hijacking via a malicious DLL placed in %PROGRAMDATA%\Razer\Synapse3\Service\bin before the servi...

6.8CVSS6.9AI score0.00633EPSS
Exploits4References5Affected Software1
CNNVD
CNNVD
added 2022/08/07 12:0 a.m.10 views

Razer Synapse 安全漏洞

Razer Synapse is an application from Razer, Inc. designed to configure and customize Razer's line of hardware. A security vulnerability exists in Razer Synapse. No information about this vulnerability is available at this time, so stay tuned to CNNVD or the manufacturer's announcement...

7.8CVSS7.3AI score0.00378EPSS
Exploits2References6
Packet Storm
Packet Storm
added 2022/03/28 12:0 a.m.315 views

Razer Synapse 3.6.x DLL Hijacking

Advisory ID: SYSS-2021-058 Product: Razer Synapse Manufacturer: Razer Inc. Affected Versions: Versions prior to 3.7.0228.022817 Tested Versions: 3.6.0920.091710, 3.6.1010.101113, 3.6.1018.101823, 3.6.1130.111217, 3.6.1201.111814, 3.7.0131.011810 Vulnerability Type: Improper Privilege Management...

0.3AI score0.00889EPSS
Exploits5
ATTACKERKB
ATTACKERKB
added 2022/03/23 10:15 p.m.2 views

CVE-2021-44226

Razer Synapse before 3.7.0228.022817 allows privilege escalation because it relies on %PROGRAMDATA%\Razer\Synapse3\Service\bin even if %PROGRAMDATA%\Razer has been created by any unprivileged user before Synapse is installed. The unprivileged user may have placed Trojan horse DLLs there...

7.3CVSS7AI score0.00889EPSS
Exploits5References9
Prion
Prion
added 2022/03/23 10:15 p.m.15 views

Privilege escalation

Razer Synapse before 3.7.0228.022817 allows privilege escalation because it relies on %PROGRAMDATA%\Razer\Synapse3\Service\bin even if %PROGRAMDATA%\Razer has been created by any unprivileged user before Synapse is installed. The unprivileged user may have placed Trojan horse DLLs there...

6.9CVSS7.4AI score0.00889EPSS
Exploits5References8Affected Software1
CNNVD
CNNVD
added 2022/03/23 12:0 a.m.37 views

Razer Synapse 3 代码问题漏洞

Razer Synapse 3 is an application from Razer USA, Inc. A cloud-based unified hardware configuration tool. A security vulnerability exists in Razer Synapse prior to version 3.7.0228.022817 that stems from the fact that Razer Synapse prior to version 3.7.0228.022817 allows privilege escalation...

7.3CVSS7.3AI score0.00889EPSS
Exploits5References12
CVE
CVE
added 2022/03/23 12:0 a.m.103 views

CVE-2021-44226

CVE-2021-44226 affects Razer Synapse prior to 3.7.0228.022817. The vulnerability arises from relying on the directory %PROGRAMDATA%\Razer\Synapse3\Service\bin even if %PROGRAMDATA%\Razer was created by an unprivileged user before installation, allowing an unprivileged user to place trojan horse D...

7.3CVSS7.4AI score0.00889EPSS
Exploits5References8Affected Software1
Rows per page
Query Builder