Design/Logic Flaw

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.3-47255. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

Integer overflow

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.4. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

Design/Logic Flaw

This vulnerability allows local attackers to disclose information on affected installations of Parallels Desktop 15.1.4. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

CVE-2020-17402

This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 15.1.4 47270. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists...

Parallels Desktop Information Disclosure Vulnerability (CNVD-2020-46853)

Parallels Desktop is a virtual machine software that runs on Mac computers. An information disclosure vulnerability exists in the HOSTIOCTLINITHYPERVISOR handler in prlhypervisor kext in versions prior to Parallels Desktop 16.0.0 48916. The vulnerability stems from unprivileged users being able t...

Parallels Desktop Information Disclosure Vulnerability (CNVD-2020-46855)

Parallels Desktop is a virtual machine software that runs on Mac computers. An information disclosure vulnerability exists in prlhypervisor kext in versions prior to Parallels Desktop 15.1.4 47270. The vulnerability stems from a lack of proper validation of user-supplied data. An attacker could...

Parallels Desktop Out-of-Bounds Read Elevation of Privilege Vulnerability (CNVD-2020-46861)

Parallels Desktop is a virtual machine software that runs on Mac computers. An out-of-bounds read elevation of privilege vulnerability exists in prlhypervisor kext in versions prior to Parallels Desktop 16.0.0 48916. The vulnerability stems from a lack of proper validation of user-supplied data. ...

Parallels Desktop prl_hypervisor Exposed Dangerous Method Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose information on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handler for...

Parallels Desktop prl_hypervisor Improper Input Validation Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose information on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the prlhypervisor...

Parallels Desktop prl_hypervisor Incorrect Permission Assignment for Critical Resource Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

(Pwn2Own) Apple Safari Symbolic Link Arbitrary Application Execution Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Apple Safari. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of symboli...

Windows 10 Insider Preview Fast win32kbase HMMarkObjectDestroy Arbitrary Code Execution Vulnerability Regression

Summary A use after free vulnerability exists in Windows 10, Insider Preview Fast 10.0.19582.1001, when a Win32k component fails to properly handle objects in memory. Successful exploitation of this vulnerability can lead to arbitrary code execution in the kernel context and elevation of...

Intel Wi-Fi Link Driver Netwtw06 Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Intel Wi-Fi Link Driver. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of 802.11 frames. The issue results from the lack of...

Design/Logic Flaw

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.2-47123. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

CVE-2020-8875

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.2-47123. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

Windows 10 win32kbase HMMarkObjectDestroy Arbitrary Code Execution Vulnerability

Summary A use after free vulnerability exists in Windows 10, Version 10.0.19033.1, when a Win32k component fails to properly handle objects in memory. Successful exploitation of this vulnerability can lead to arbitrary code execution in the kernel context and elevation of privileges. This...

Fedora 30 : xen (2019-53b0dc52ee)

xen: various flaws 1685577 grant table transfer issues on large hosts XSA-284 race with pass-through device hotplug XSA-285 x86: stealpage violates pagestruct access discipline XSA-287 x86: Inconsistent PV IOMMU discipline XSA-288 missing preemption in x86 PV page table unvalidation XSA-290 x86/P...

Fedora 28 : xen (2019-bce6498890)

xen: various flaws 1685577 grant table transfer issues on large hosts XSA-284 race with pass-through device hotplug XSA-285 x86: stealpage violates pagestruct access discipline XSA-287 x86: Inconsistent PV IOMMU discipline XSA-288 missing preemption in x86 PV page table unvalidation XSA-290 x86/P...

Trend Micro Anti-Virus KERedirect Untrusted Pointer Dereference Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Trend Micro Anti-Virus. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

Apple macOS AirPort BrcmNIC Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on vulnerable installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handlin...