Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
RazerSynapse

9 matches found

CVE
CVEadded 2022/03/23 10:15 p.m.86 views

CVE-2021-44226

Razer Synapse before 3.7.0228.022817 allows privilege escalation because it relies on %PROGRAMDATA%\Razer\Synapse3\Service\bin even if %PROGRAMDATA%\Razer has been created by any unprivileged user before Synapse is installed. The unprivileged user may have placed Trojan horse DLLs there.

7.3CVSS7.4AI score0.00064EPSS
CVE
CVEadded 2017/08/02 7:29 p.m.75 views

CVE-2017-9769

A specially crafted IOCTL can be issued to the rzpnk.sys driver in Razer Synapse 2.20.15.1104 that is forwarded to ZwOpenProcess allowing a handle to be opened to an arbitrary process.

10CVSS9.2AI score0.78553EPSS
CVE
CVEadded 2017/09/13 8:29 a.m.47 views

CVE-2017-14398

rzpnk.sys in Razer Synapse 2.20.15.1104 allows local users to read and write to arbitrary memory locations, and consequently gain privileges, via a methodology involving a handle to \Device\PhysicalMemory, IOCTL 0x22A064, and ZwMapViewOfSection.

7.8CVSS7.4AI score0.0005EPSS
CVE
CVEadded 2017/08/18 5:29 p.m.41 views

CVE-2017-11653

Razer Synapse 2.20.15.1104 and earlier uses weak permissions for the Devices directory, which allows local users to gain privileges via a Trojan horse (1) RazerConfigNative.dll or (2) RazerConfigNativeLOC.dll file.

7.8CVSS7.6AI score0.00035EPSS
CVE
CVEadded 2021/04/14 3:15 p.m.40 views

CVE-2021-30494

Multiple system services installed alongside the Razer Synapse 3 software suite perform privileged operations on entries within the Razer Chroma SDK subkey. These privileged operations consist of file name concatenation of a runtime log file that is used to store runtime log information. In other w...

5.5CVSS5.4AI score0.00047EPSS
CVE
CVEadded 2023/01/27 3:15 p.m.39 views

CVE-2022-47632

Razer Synapse before 3.7.0830.081906 allows privilege escalation due to an unsafe installation path, improper privilege management, and improper certificate validation. Attackers can place malicious DLLs into %PROGRAMDATA%\Razer\Synapse3\Service\bin if they do so before the service is installed and...

6.8CVSS6.9AI score0.00057EPSS
CVE
CVEadded 2017/08/18 5:29 p.m.33 views

CVE-2017-11652

Razer Synapse 2.20.15.1104 and earlier uses weak permissions for the CrashReporter directory, which allows local users to gain privileges via a Trojan horse dbghelp.dll file.

8.4CVSS8.1AI score0.00039EPSS
CVE
CVEadded 2023/09/14 10:15 p.m.29 views

CVE-2022-47631

Razer Synapse through 3.7.1209.121307 allows privilege escalation due to an unsafe installation path and improper privilege management. Attackers can place DLLs into %PROGRAMDATA%\Razer\Synapse3\Service\bin if they do so before the service is installed and if they deny write access for the SYSTEM u...

7.8CVSS7.6AI score0.00068EPSS
CVE
CVEadded 2021/04/14 3:15 p.m.27 views

CVE-2021-30493

Multiple system services installed alongside the Razer Synapse 3 software suite perform privileged operations on entries within the ChromaBroadcast subkey. These privileged operations consist of file name concatenation of a runtime log file that is used to store runtime log information. In other wo...

5.5CVSS5.4AI score0.00047EPSS