46 matches found
Vulnerability fixed in VMware Workstation, Fusion & ESXi
A vulnerability has been fixed in VMware Workstation, Fusion & ESXi. The vulnerability enables a malicious person with access to a virtual machine on which CD-ROM virtualization is enabled to able to execute arbitrary code on the hypervisor. To exploit this vulnerability, a CD image must be...
CVE-2021-22045
VMware ESXi 7.0, 6.7 before ESXi670-202111101-SG and 6.5 before ESXi650-202110101-SG, VMware Workstation 16.2.0 and VMware Fusion 12.2.0 contains a heap-overflow vulnerability in CD-ROM device emulation. A malicious actor with access to a virtual machine with CD-ROM device emulation may be able t...
Design/Logic Flaw
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.3 49160. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists withi...
Corel Parallels Desktop 访问控制错误漏洞
Corel Parallels Desktop is a suite of virtual machine software for the macOS platform from Corel Canada. An Access Control Error vulnerability exists in Corel Parallels Desktop Toolgate that stems from a lack of proper validation of user-supplied data in the Toolgate component. This could lead to...
Corel Parallels Desktop 访问控制错误漏洞
Corel Parallels Desktop is a suite of virtual machine software for the macOS platform from Corel Canada. An Access Control Error vulnerability exists in Corel Parallels Desktop Toolgate that stems from a lack of proper validation of user-supplied data in the Toolgate component. This could lead to...
Corel Parallels Desktop 访问控制错误漏洞
Corel Parallels Desktop is a suite of virtual machine software for the macOS platform from Corel Canada.Desk is a writing, blogging, and note-taking application for individual developers. An Access Control Error vulnerability exists in Corel Parallels Desktop Toolgate that stems from a lack of...
CVE-2021-31424
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.5-47309. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...
CVE-2021-31430
This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 15.1.5-47309. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw...
CVE-2021-31428
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.5-47309. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists withi...
Corel Parallels Desktop 安全漏洞
Parallels Desktop is a virtual machine software that runs on Mac computers. A heap buffer overflow vulnerability exists in the Open Tools Gate component in Parallels Desktop version 15.1.5-47309. The vulnerability stems from a failure to properly validate the length of user-supplied data before...
Corel Parallels Desktop 安全漏洞
Parallels Desktop is a virtual machine software that runs on Mac computers. A stack buffer overflow vulnerability exists in the Toolgate component in Parallels Desktop version 16.1.0-48950. The vulnerability stems from not properly validating the length of user-supplied data before copying it to ...
Parallels Desktop Toolgate Integer Overflow Elevation of Privilege Vulnerability
Parallels Desktop is a virtual machine software that runs on Mac computers. A vulnerability in Parallels Desktop Toolgate, which lacks proper validation of user-supplied data, can be exploited by an attacker to escalate privileges and execute arbitrary code in the context of the hypervisor...
Parallels Desktop Integer Underflow Elevation of Privilege Vulnerability
Parallels Desktop is a virtual machine software that runs on Mac computers. An integer underflow elevation of privilege vulnerability exists in the prlnaptd process in versions prior to Parallels Desktop 16.0.0 48916. The vulnerability stems from a lack of proper validation of user-supplied data...
CVE-2020-3967
VMware ESXi 7.0 before ESXi7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG, Workstation 15.x before 15.5.5, and Fusion 11.x before 11.5.5 contain a heap-overflow vulnerability in the USB 2.0 controller EHCI. A malicious actor with local access to a virtual...
CVE-2020-8871
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.0-47107 . An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists with...
R0Ak (The Ring 0 Army Knife) - A Command Line Utility To Read/Write/Execute Ring Zero On For Windows 10 Systems
r0ak is a Windows command-line utility that enables you to easily read, write, and execute kernel-mode code with some limitations from the command prompt, without requiring anything else other than Administrator privileges. Quick Peek r0ak v1.0.0 -- Ring 0 Army Knife...
CVE-2018-8219
An elevation of privilege vulnerability exists when Windows Hyper-V instruction emulation fails to properly enforce privilege levels, aka "Hypervisor Code Integrity Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers...
KLA11266 Multiple vulnerabilities in Microsoft Windows
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to gain privileges, cause denial of service, bypass security restrictions, execute arbitrary code, obtain sensitive information. Below is a complete list of vulnerabilities: 1. An elevation...
KLA11842 Multiple vulnerabilities in Microsoft Products (ESU)
Multiple vulnerabilities were found in Microsoft Products Extended Support Update. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, gain privileges. Below is a complete list of vulnerabilities: 1. An information disclosure vulnerability in...
Microsoft Windows HVCI Security Bypass Vulnerability
Microsoft Windows is a series of operating systems released by the American company Microsoft. A security bypass vulnerability exists in Microsoft Windows 10 Gold and 1511, which stems from a program failing to properly allow certain kernel-mode pages to be marked as Read, Write, and Execute RWX....