Parallels

Parallels Desktop

75 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2024-52561

Exploit
  • EPSS 0.07%
  • Veröffentlicht 03.06.2025 09:43:27
  • Zuletzt bearbeitet 02.07.2025 14:53:50

A privilege escalation vulnerability exists in the Snapshot functionality of Parallels Desktop for Mac version 20.1.1 (build 55740). When a snapshot of a virtual machine is deleted, a root service verifies and modifies the ownership of the snapshot f...

7.8

CVE-2024-36486

Exploit
  • EPSS 0.08%
  • Veröffentlicht 03.06.2025 09:43:26
  • Zuletzt bearbeitet 02.07.2025 15:06:56

A privilege escalation vulnerability exists in the virtual machine archive restoration functionality of Parallels Desktop for Mac version 20.1.1 (55740). When an archived virtual machine is restored, the prl_vmarchiver tool decompresses the file and ...

7.8

CVE-2025-30074

  • EPSS 0.02%
  • Veröffentlicht 16.03.2025 00:00:00
  • Zuletzt bearbeitet 16.03.2025 03:15:39

Alludo Parallels Desktop before 19.4.2 and 20.x before 20.2.2 for macOS on Intel platforms allows privilege escalation to root via the VM creation routine.

7.8

CVE-2025-0413

  • EPSS 0.05%
  • Veröffentlicht 05.02.2025 00:15:28
  • Zuletzt bearbeitet 15.08.2025 12:45:24

Parallels Desktop Technical Data Reporter Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the abi...

9.8

CVE-2024-34331

  • EPSS 0.54%
  • Veröffentlicht 23.09.2024 16:15:05
  • Zuletzt bearbeitet 26.09.2024 13:32:55

A lack of code signature verification in Parallels Desktop for Mac v19.3.0 and below allows attackers to escalate privileges via a crafted macOS installer, because Parallels Service is setuid root.

10

CVE-2024-6240

  • EPSS 0.13%
  • Veröffentlicht 21.06.2024 14:15:14
  • Zuletzt bearbeitet 21.11.2024 09:49:15

Improper privilege management vulnerability in Parallels Desktop Software, which affects versions earlier than 19.3.0. An attacker could add malicious code in a script and populate the BASH_ENV environment variable with the path to the malicious scri...

6.7

CVE-2024-6154

  • EPSS 0.05%
  • Veröffentlicht 20.06.2024 20:15:21
  • Zuletzt bearbeitet 21.11.2024 09:49:04

Parallels Desktop Toolgate Heap-based Buffer Overflow Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability...

7.8

CVE-2024-6153

  • EPSS 0.06%
  • Veröffentlicht 20.06.2024 20:15:20
  • Zuletzt bearbeitet 21.11.2024 09:49:04

Parallels Desktop Updater Protection Mechanism Failure Software Downgrade Vulnerability. This vulnerability allows local attackers to downgrade Parallels software on affected installations of Parallels Desktop. An attacker must first obtain the abili...

8.3

CVE-2023-50227

  • EPSS 2.79%
  • Veröffentlicht 03.05.2024 03:16:11
  • Zuletzt bearbeitet 08.08.2025 18:44:17

Parallels Desktop virtio-gpu Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Parallels Desktop. User interaction is required to exploit this vu...

7.8

CVE-2023-50226

  • EPSS 0.28%
  • Veröffentlicht 03.05.2024 03:16:11
  • Zuletzt bearbeitet 08.08.2025 18:43:26

Parallels Desktop Updater Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute l...