Lucene search
K

1184 matches found

AlpineLinux
AlpineLinux
added 2025/10/29 7:34 p.m.5 views

CVE-2025-9870

Razer Synapse 3 RazerPhilipsHueUninstall Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Razer Synapse 3. An attacker must first obtain the ability to execute low-privileged code on the target...

7.8CVSS7.5AI score0.00175EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/10/29 7:33 p.m.8 views

CVE-2025-9871 Razer Synapse 3 Chroma Connect Link Following Local Privilege Escalation Vulnerability

Razer Synapse 3 Chroma Connect Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Razer Synapse 3. An attacker must first obtain the ability to execute low-privileged code on the target system in...

7.8CVSS0.00175EPSS
Exploits0References1
CVE
CVE
added 2025/10/29 7:33 p.m.18 views

CVE-2025-9871

CVE-2025-9871 describes a local privilege escalation in Razer Synapse 3 via the Razer Chroma SDK installer. The root cause is a symbolic link abuse in the installer that can be leveraged to delete arbitrary files, enabling an attacker who already has low-privilege code execution to escalate to SY...

7.8CVSS7.7AI score0.00175EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/10/29 7:33 p.m.5 views

CVE-2025-9871 Razer Synapse 3 Chroma Connect Link Following Local Privilege Escalation Vulnerability

Razer Synapse 3 Chroma Connect Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Razer Synapse 3. An attacker must first obtain the ability to execute low-privileged code on the target system in...

7.8CVSS7.1AI score0.00175EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2025/10/29 7:33 p.m.5 views

CVE-2025-9871

Razer Synapse 3 Chroma Connect Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Razer Synapse 3. An attacker must first obtain the ability to execute low-privileged code on the target system in...

7.8CVSS7.5AI score0.00175EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/10/29 7:33 p.m.3 views

CVE-2025-9869 Razer Synapse 3 Macro Module Link Following Local Privilege Escalation Vulnerability

Razer Synapse 3 Macro Module Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Razer Synapse 3. An attacker must first obtain the ability to execute low-privileged code on the target system in ord...

7.8CVSS7.1AI score0.00175EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/10/29 7:33 p.m.10 views

CVE-2025-9869 Razer Synapse 3 Macro Module Link Following Local Privilege Escalation Vulnerability

Razer Synapse 3 Macro Module Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Razer Synapse 3. An attacker must first obtain the ability to execute low-privileged code on the target system in ord...

7.8CVSS0.00175EPSS
Exploits0References1
CVE
CVE
added 2025/10/29 7:33 p.m.16 views

CVE-2025-9869

CVE-2025-9869 concerns a local privilege escalation in Razer Synapse 3 Macro Module . The flaw exists in the Razer Synapse Service where an attacker can abuse a created symbolic link to delete arbitrary files. This may allow an attacker to escalate privileges and execute arbitrary code in the con...

7.8CVSS7.7AI score0.00175EPSS
Exploits0References1Affected Software1
AlpineLinux
AlpineLinux
added 2025/10/29 7:33 p.m.5 views

CVE-2025-9869

Razer Synapse 3 Macro Module Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Razer Synapse 3. An attacker must first obtain the ability to execute low-privileged code on the target system in ord...

7.8CVSS7.5AI score0.00175EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/10/29 12:0 a.m.6 views

Razer Synapse 3 后置链接漏洞

Razer Synapse 3 is a software application from Razer, Inc. cloud-based unified hardware configuration tool. Razer Synapse 3 suffers from a backlink vulnerability that stems from a symbolic linking issue in the Razer Chroma SDK installer, which could lead to elevation of privilege and arbitrary co...

7.8CVSS8.1AI score0.00175EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/10/29 12:0 a.m.10 views

Razer Synapse 3 后置链接漏洞

Razer Synapse 3 is a software application from Razer, Inc. cloud-based unified hardware configuration tool. Razer Synapse 3 suffers from a backlink vulnerability that stems from a symbolic link issue in the Philips HUE module installer, which could lead to elevation of privilege and arbitrary cod...

7.8CVSS8.1AI score0.00175EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/10/29 12:0 a.m.6 views

Razer Synapse 3 后置链接漏洞

Razer Synapse 3 is a software application from Razer, Inc. cloud-based unified hardware configuration tool. Razer Synapse 3 suffers from a backlink vulnerability that stems from Razer Synapse Service allowing the creation of symbolic links, which could lead to local elevation of privilege and...

7.8CVSS7.6AI score0.00175EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/10/18 3:37 p.m.12 views

CVE-2025-61672

Synapse is an open source Matrix homeserver implementation. Lack of validation for device keys in Synapse before 1.138.3 and in Synapse 1.139.0 allow an attacker registered on the victim homeserver to degrade federation functionality, unpredictably breaking outbound federation to other homeserver...

5.3CVSS6.6AI score0.0044EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/10/14 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2025-61672

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Synapse is an open source Matrix homeserver implementation. Lack of validation for device keys in Synapse before 1.138.3 and in Synapse 1.139.0 allow an attacke...

5.3CVSS5.6AI score0.0044EPSS
Exploits0References2
OSV
OSV
added 2025/10/08 5:51 p.m.3 views

GHSA-FH66-FCV5-JJFR Synapse's invalid device keys degrade federation functionality

Impact Lack of validation for device keys in Synapse before 1.138.3 and in Synapse 1.139.0 allow an attacker registered on the victim homeserver to degrade federation functionality, unpredictably breaking outbound federation to other homeservers. Patches Patched in Synapse 1.138.3, 1.138.4,...

5.3CVSS7AI score0.0044EPSS
Exploits0References10
Snyk
Snyk
added 2025/10/08 5:51 p.m.4 views

Improper Validation of Specified Type of Input

Overview matrix-synapse is an ecosystem for open federated Instant Messaging and VoIP. Affected versions of this package are vulnerable to Improper Validation of Specified Type of Input due to insufficient validation of device keys. An attacker can disrupt federation functionality and unpredictab...

5.4CVSS6.8AI score0.0044EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2025/10/08 5:51 p.m.3 views

raiden (>=0.100.2 <=0.100.3rc1) potentially affected by CVE-2025-61672 via matrix-synapse (=0.33.9)

matrix-synapse PYPI version =0.33.9 is affected by a known vulnerability. The following packages have a transitive dependency on matrix-synapse and may be impacted: - raiden =0.100.2, =0.100.3rc1 Source cves: CVE-2025-61672 Source advisory: OSV:GHSA-FH66-FCV5-JJFR...

5.3CVSS5.8AI score0.0044EPSS
Exploits0
Github Security Blog
Github Security Blog
added 2025/10/08 5:51 p.m.7 views

Synapse's invalid device keys degrade federation functionality

Impact Lack of validation for device keys in Synapse before 1.138.3 and in Synapse 1.139.0 allow an attacker registered on the victim homeserver to degrade federation functionality, unpredictably breaking outbound federation to other homeservers. Patches Patched in Synapse 1.138.3, 1.138.4,...

5.3CVSS7AI score0.0044EPSS
Exploits0References10Affected Software1
NVD
NVD
added 2025/10/08 3:16 p.m.4 views

CVE-2025-61672

Synapse is an open source Matrix homeserver implementation. Lack of validation for device keys in Synapse before 1.138.3 and in Synapse 1.139.0 allow an attacker registered on the victim homeserver to degrade federation functionality, unpredictably breaking outbound federation to other homeserver...

5.3CVSS0.0044EPSS
Exploits0References6
OSV
OSV
added 2025/10/08 3:16 p.m.2 views

DEBIAN-CVE-2025-61672

Synapse is an open source Matrix homeserver implementation. Lack of validation for device keys in Synapse before 1.138.3 and in Synapse 1.139.0 allow an attacker registered on the victim homeserver to degrade federation functionality, unpredictably breaking outbound federation to other homeserver...

5.3CVSS7AI score0.0044EPSS
Exploits0References1
Rows per page
Query Builder