CVSS: 8.2EPSS: 0%CPEs: 1EXPL: 0CVE-2020-17397 – Parallels Desktop Networking Out-Of-Bounds Access Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2020-17397
18 Aug 2020 — This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.4. ... An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the hypervisor. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the hypervisor. ... Fue ZDI-CAN-11253 This vulnerability allows local attackers to escalate privileges on affected installations of Parallel... • https://kb.parallels.com/en/125013 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-17396 – Parallels Desktop prl_hypervisor Integer Overflow Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2020-17396
18 Aug 2020 — This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.4. ... An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the kernel. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the kernel. ... Fue ZDI-CAN-11217 This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Deskto... • https://kb.parallels.com/en/125013 • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-17399 – Parallels Desktop prl_hypervisor Out-Of-Bounds Write Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2020-17399
18 Aug 2020 — This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.4. ... An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the kernel. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the kernel. ... Fue ZDI-CAN-11303 This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Deskto... • https://kb.parallels.com/en/125013 • CWE-129: Improper Validation of Array Index •
CVSS: 6.0EPSS: 0%CPEs: 1EXPL: 0CVE-2020-17401 – Parallels Desktop VGA Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2020-17401
18 Aug 2020 — An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute code in the context of the hypervisor. ... An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute code in the context of the hypervisor. • https://kb.parallels.com/en/125013 • CWE-129: Improper Validation of Array Index •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-17390 – Parallels Desktop hypervisor Out-Of-Bounds Read Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2020-17390
18 Aug 2020 — This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.2-47123. ... An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the hypervisor. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the hypervisor. ... Fue ZDI-CAN-10030 This vulnerability allows local attackers to escalate privileges on affected installations of Pa... • https://kb.parallels.com/en/125013 • CWE-125: Out-of-bounds Read •
CVSS: 8.2EPSS: 0%CPEs: 1EXPL: 0CVE-2020-17395 – Parallels Desktop Networking Service Integer Underflow Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2020-17395
18 Aug 2020 — This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.4. ... An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the hypervisor. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the hypervisor. ... Fue ZDI-CAN-11134 This vulnerability allows local attackers to escalate privileges on affected installations of Parallel... • https://kb.parallels.com/en/125013 • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-17400 – Parallels Desktop prl_hypervisor Out-Of-Bounds Read Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2020-17400
18 Aug 2020 — This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.4. ... An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the hypervisor. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the hypervisor. ... Fue ZDI-CAN-11304 This vulnerability allows local attackers to escalate privileges on affected installations of Parallel... • https://kb.parallels.com/en/125013 • CWE-129: Improper Validation of Array Index •
CVSS: 6.0EPSS: 0%CPEs: 1EXPL: 0CVE-2020-17394 – Parallels Desktop OEMNet Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2020-17394
18 Aug 2020 — An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute code in the context of the hypervisor. ... An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute code in the context of the hypervisor. • https://kb.parallels.com/en/125013 • CWE-129: Improper Validation of Array Index •
CVSS: 7.8EPSS: 0%CPEs: 21EXPL: 0CVE-2020-1529 – Windows GDI Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2020-1529
17 Aug 2020 — An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The update addresses the vulnerability by correcting how GDI handles objects in memory and by preventing instances of unintended user-mode privilege elevation. ... The update addresses the vulnerability by correcting how GDI handles objects in memory and by preventing instances of unintended user-mode privilege elevation. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1529 •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2020-1480 – Windows GDI Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2020-1480
17 Aug 2020 — An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The update addresses the vulnerability by correcting how GDI handles objects in memory and by preventing instances of unintended user-mode privilege elevation. ... The update addresses the vulnerability by correcting how GDI handles objects in memory and by preventing instances of unintended user-mode privilege elevation. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1480 •