1184 matches found
CVE-2025-9870
Razer Synapse 3 RazerPhilipsHueUninstall Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Razer Synapse 3. An attacker must first obtain the ability to execute low-privileged code on the target...
CVE-2025-9871 Razer Synapse 3 Chroma Connect Link Following Local Privilege Escalation Vulnerability
Razer Synapse 3 Chroma Connect Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Razer Synapse 3. An attacker must first obtain the ability to execute low-privileged code on the target system in...
CVE-2025-9871
CVE-2025-9871 describes a local privilege escalation in Razer Synapse 3 via the Razer Chroma SDK installer. The root cause is a symbolic link abuse in the installer that can be leveraged to delete arbitrary files, enabling an attacker who already has low-privilege code execution to escalate to SY...
CVE-2025-9871 Razer Synapse 3 Chroma Connect Link Following Local Privilege Escalation Vulnerability
Razer Synapse 3 Chroma Connect Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Razer Synapse 3. An attacker must first obtain the ability to execute low-privileged code on the target system in...
CVE-2025-9871
Razer Synapse 3 Chroma Connect Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Razer Synapse 3. An attacker must first obtain the ability to execute low-privileged code on the target system in...
CVE-2025-9869 Razer Synapse 3 Macro Module Link Following Local Privilege Escalation Vulnerability
Razer Synapse 3 Macro Module Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Razer Synapse 3. An attacker must first obtain the ability to execute low-privileged code on the target system in ord...
CVE-2025-9869 Razer Synapse 3 Macro Module Link Following Local Privilege Escalation Vulnerability
Razer Synapse 3 Macro Module Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Razer Synapse 3. An attacker must first obtain the ability to execute low-privileged code on the target system in ord...
CVE-2025-9869
CVE-2025-9869 concerns a local privilege escalation in Razer Synapse 3 Macro Module . The flaw exists in the Razer Synapse Service where an attacker can abuse a created symbolic link to delete arbitrary files. This may allow an attacker to escalate privileges and execute arbitrary code in the con...
CVE-2025-9869
Razer Synapse 3 Macro Module Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Razer Synapse 3. An attacker must first obtain the ability to execute low-privileged code on the target system in ord...
Razer Synapse 3 后置链接漏洞
Razer Synapse 3 is a software application from Razer, Inc. cloud-based unified hardware configuration tool. Razer Synapse 3 suffers from a backlink vulnerability that stems from a symbolic linking issue in the Razer Chroma SDK installer, which could lead to elevation of privilege and arbitrary co...
Razer Synapse 3 后置链接漏洞
Razer Synapse 3 is a software application from Razer, Inc. cloud-based unified hardware configuration tool. Razer Synapse 3 suffers from a backlink vulnerability that stems from a symbolic link issue in the Philips HUE module installer, which could lead to elevation of privilege and arbitrary cod...
Razer Synapse 3 后置链接漏洞
Razer Synapse 3 is a software application from Razer, Inc. cloud-based unified hardware configuration tool. Razer Synapse 3 suffers from a backlink vulnerability that stems from Razer Synapse Service allowing the creation of symbolic links, which could lead to local elevation of privilege and...
CVE-2025-61672
Synapse is an open source Matrix homeserver implementation. Lack of validation for device keys in Synapse before 1.138.3 and in Synapse 1.139.0 allow an attacker registered on the victim homeserver to degrade federation functionality, unpredictably breaking outbound federation to other homeserver...
Linux Distros Unpatched Vulnerability : CVE-2025-61672
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Synapse is an open source Matrix homeserver implementation. Lack of validation for device keys in Synapse before 1.138.3 and in Synapse 1.139.0 allow an attacke...
GHSA-FH66-FCV5-JJFR Synapse's invalid device keys degrade federation functionality
Impact Lack of validation for device keys in Synapse before 1.138.3 and in Synapse 1.139.0 allow an attacker registered on the victim homeserver to degrade federation functionality, unpredictably breaking outbound federation to other homeservers. Patches Patched in Synapse 1.138.3, 1.138.4,...
Improper Validation of Specified Type of Input
Overview matrix-synapse is an ecosystem for open federated Instant Messaging and VoIP. Affected versions of this package are vulnerable to Improper Validation of Specified Type of Input due to insufficient validation of device keys. An attacker can disrupt federation functionality and unpredictab...
raiden (>=0.100.2 <=0.100.3rc1) potentially affected by CVE-2025-61672 via matrix-synapse (=0.33.9)
matrix-synapse PYPI version =0.33.9 is affected by a known vulnerability. The following packages have a transitive dependency on matrix-synapse and may be impacted: - raiden =0.100.2, =0.100.3rc1 Source cves: CVE-2025-61672 Source advisory: OSV:GHSA-FH66-FCV5-JJFR...
Synapse's invalid device keys degrade federation functionality
Impact Lack of validation for device keys in Synapse before 1.138.3 and in Synapse 1.139.0 allow an attacker registered on the victim homeserver to degrade federation functionality, unpredictably breaking outbound federation to other homeservers. Patches Patched in Synapse 1.138.3, 1.138.4,...
CVE-2025-61672
Synapse is an open source Matrix homeserver implementation. Lack of validation for device keys in Synapse before 1.138.3 and in Synapse 1.139.0 allow an attacker registered on the victim homeserver to degrade federation functionality, unpredictably breaking outbound federation to other homeserver...
DEBIAN-CVE-2025-61672
Synapse is an open source Matrix homeserver implementation. Lack of validation for device keys in Synapse before 1.138.3 and in Synapse 1.139.0 allow an attacker registered on the victim homeserver to degrade federation functionality, unpredictably breaking outbound federation to other homeserver...