Parallels Desktop 安全漏洞

Parallels Desktop is a suite of virtual machine software for the macOS platform from US-based Parallels, Inc. A security vulnerability exists in Parallels Desktop for Mac version 20.2.2, which stems from a directory traversal issue in the PVMP package decompression feature that could lead to...

Parallels Desktop 安全漏洞

Parallels Desktop is a suite of virtual machine software for the macOS platform from US-based Parallels, Inc. A security vulnerability exists in Parallels Desktop for Mac version 20.1.1, which stems from a hard-link issue in the Virtual Machine Archive Recovery feature that could lead to elevated...

Parallels Desktop 安全漏洞

Parallels Desktop is a suite of virtual machine software for the macOS platform from US-based Parallels, Inc. A security vulnerability exists in Parallels Desktop for Mac version 20.1.1, which stems from a symbolic linking issue in the Snapshot feature that could lead to elevated privileges...

CVE-2021-31419

This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 15.1.4-47270. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw...

CVE-2021-31430

This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 15.1.5-47309. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw...

CVE-2021-31421

This vulnerability allows local attackers to delete arbitrary files on affected installations of Parallels Desktop 16.1.1-49141. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists...

Parallels Desktop 安全漏洞

Parallels Desktop is a suite of virtual machine software for the macOS platform from US-based Parallels, Inc. A security vulnerability exists in Parallels Desktop versions prior to 19.4.2 and 20.x prior to 20.2.2, which stems from a VM creation routine that allows privileges to be elevated to roo...

The vulnerability of the do_repack_createinstallmedia function in Parallels Desktop hypervisors allows a hacker to increase their privileges.

The vulnerability of the dorepackcreateinstallmedia function in Parallels Desktop hypervisors is related to synchronization errors when using a shared resource “Race Situation”. Exploiting this vulnerability can allow an attacker to gain increased privileges...

Parallels Desktop 后置链接漏洞

Parallels Desktop is a suite of virtual machine software for the macOS platform from US-based Parallels, Inc. Parallels Desktop suffers from a backlink vulnerability that stems from an issue in the Technical Data Reporter component, whereby the service can be abused to change the permissions of...

PT-2025-3882 · Parallels · Parallels Desktop

Name of the Vulnerable Software and Affected Versions: Parallels Desktop affected versions not specified Description: This issue allows local attackers to escalate privileges on affected installations. An attacker must first obtain the ability to execute low-privileged code on the target host...

Parallels Desktop Mac 安全漏洞

Parallels Desktop is a suite of virtual machine software for the macOS platform from US-based Parallels, Inc. A security vulnerability exists in Parallels Desktop Mac version 19.3.0 and earlier, which stems from a lack of code signature verification and allows an attacker to elevate privileges vi...

The vulnerability of the Toolgate component in Parallels Desktop hypervisor allows a hacker to elevate their privileges and execute arbitrary code.

The vulnerability of the Toolgate component in Parallels Desktop Hypervisor Suite involves an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to enhance their privileges and execute arbitrary code...

The vulnerability of the Updater service of the Parallels Desktop hypervisor allows a hacker to downgrade the software version.

The vulnerability of the Updater service in Parallels Desktop operating systems is related to a breach of data protection mechanisms. Exploiting this vulnerability could allow an attacker to downgrade the software version...

CVE-2024-6240

Improper privilege management vulnerability in Parallels Desktop Software, which affects versions earlier than 19.3.0. An attacker could add malicious code in a script and populate the BASHENV environment variable with the path to the malicious script, executing on application startup. An attacke...

CVE-2024-6154

Parallels Desktop Toolgate Heap-based Buffer Overflow Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute high-privileged code on the target...

CVE-2023-50228

Parallels Desktop Updater Improper Verification of Cryptographic Signature Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged...

CVE-2023-50227

Parallels Desktop virtio-gpu Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Parallels Desktop. User interaction is required to exploit this vulnerability in that the target in a guest syste...

CVE-2023-50226

Parallels Desktop Updater Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target host system in...

CVE-2023-50228

Parallels Desktop Updater Improper Verification of Cryptographic Signature Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged...

CVE-2023-27328

Parallels Desktop Toolgate XML Injection Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target guest system i...