📦 Parallels Desktop

A privilege escalation vulnerability in Parallels Desktop for Mac allows attackers to write to arbitrary files by exploiting hard links during snapshot creation. This could enable local attackers to g...

This CVE describes a privilege escalation vulnerability in Parallels Desktop for Mac where the prl_vmarchiver tool writes decompressed archive contents with root privileges. Attackers can exploit this...

This vulnerability allows local attackers with low-privileged access to escalate to root privileges by exploiting a symbolic link issue in Parallels Desktop's Updater service. Attackers can move arbit...

This vulnerability in Parallels Desktop Updater allows local attackers to escalate privileges from low-privileged code execution to root-level access due to improper cryptographic signature verificati...

This vulnerability allows local attackers with high-privileged code execution on a Parallels Desktop guest system to escalate privileges on the host system via directory traversal in the Toolgate comp...

This vulnerability allows local attackers on Parallels Desktop guest systems to escalate privileges by exploiting XML injection in the Toolgate component. Attackers must first execute low-privileged c...

This vulnerability in Parallels Desktop Service allows local attackers with low-privileged access to escalate to root privileges due to improper environment variable initialization. It affects Paralle...

This vulnerability allows local attackers to escalate privileges on affected Parallels Desktop installations by exploiting improper initialization of environment variables in the Updater service. Atta...

This vulnerability in Parallels Desktop allows local attackers with high-privileged code execution on a guest VM to escalate privileges to hypervisor level through a buffer read overflow in the ACPI v...

CVE-2022-34891 is a local privilege escalation vulnerability in Parallels Desktop where incorrect file permissions allow attackers to escalate to root privileges. Attackers must first gain local code ...

This is a buffer overflow vulnerability in Parallels Desktop's HDAudio virtual device that allows local attackers with high-privileged code execution on a guest system to escalate privileges to hyperv...

This vulnerability in Parallels Desktop allows local attackers with high-privileged code execution on a guest system to escalate privileges to hypervisor level through memory corruption in the virtio-...

This is a local privilege escalation vulnerability in Parallels Desktop's Toolgate component. Attackers with low-privileged access to a guest VM can exploit a stack-based buffer overflow to execute ar...

This vulnerability allows local attackers with high-privileged code execution on a Parallels Desktop guest system to escalate privileges to hypervisor level through a race condition in the e1000e virt...

This is a heap-based buffer overflow vulnerability in Parallels Desktop's Open Tools Gate component that allows local attackers to escalate privileges from guest systems to hypervisor level. Attackers...

This vulnerability in Parallels Desktop allows local attackers with initial low-privileged access to escalate privileges to kernel-level execution through an integer overflow in the Parallels Tools co...

This is a heap-based buffer overflow vulnerability in Parallels Desktop's IDE virtual device that allows local attackers with high-privileged code execution on a guest system to escalate privileges to...

This vulnerability in Parallels Desktop allows local attackers with initial low-privileged access to a guest virtual machine to escalate privileges and execute arbitrary code in the hypervisor context...

This is a heap-based buffer overflow vulnerability in Parallels Desktop's Toolgate component that allows local attackers to escalate privileges. Attackers who already have high-privileged code executi...