Vulnerabilities > Razer > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-27 | CVE-2022-47632 | Uncontrolled Search Path Element vulnerability in Razer Synapse Razer Synapse before 3.7.0830.081906 allows privilege escalation due to an unsafe installation path, improper privilege management, and improper certificate validation. | 6.8 |
| 2021-04-14 | CVE-2021-30494 | Incorrect Default Permissions vulnerability in Razer Synapse 3.5.1030.101917 Multiple system services installed alongside the Razer Synapse 3 software suite perform privileged operations on entries within the Razer Chroma SDK subkey. | 5.5 |
| 2021-04-14 | CVE-2021-30493 | Incorrect Default Permissions vulnerability in Razer Synapse 3.5.1030.101917 Multiple system services installed alongside the Razer Synapse 3 software suite perform privileged operations on entries within the ChromaBroadcast subkey. | 5.5 |
| 2019-07-09 | CVE-2019-13142 | Incorrect Permission Assignment for Critical Resource vulnerability in Razer Surround 1.1.63.0 The RzSurroundVADStreamingService (RzSurroundVADStreamingService.exe) in Razer Surround 1.1.63.0 runs as the SYSTEM user using an executable located in %PROGRAMDATA%\Razer\Synapse\Devices\Razer Surround\Driver\. | 5.5 |