Vulnerabilities > Parallels

DATE CVE VULNERABILITY TITLE RISK
2020-12-25 CVE-2020-35710 Information Exposure vulnerability in Parallels Remote Application Server 18.0
Parallels Remote Application Server (RAS) 18 allows remote attackers to discover an intranet IP address because submission of the login form (even with blank credentials) provides this address to the attacker's client for use as a "host" value.
network
low complexity
parallels CWE-200
5.0
2020-08-25 CVE-2020-17402 Incorrect Permission Assignment FOR Critical Resource vulnerability in Parallels Desktop
This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 15.1.4 (47270).
local
low complexity
parallels CWE-732
2.1
2020-08-25 CVE-2020-17401 Improper Validation of Array Index vulnerability in Parallels Desktop
This vulnerability allows local attackers to disclose sensitive informations on affected installations of Parallels Desktop 15.1.4.
local
low complexity
parallels CWE-129
2.1
2020-08-25 CVE-2020-17400 Improper Validation of Array Index vulnerability in Parallels Desktop
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.4.
local
low complexity
parallels CWE-129
4.6
2020-08-25 CVE-2020-17399 Improper Validation of Array Index vulnerability in Parallels Desktop
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.4.
local
low complexity
parallels CWE-129
4.6
2020-08-25 CVE-2020-17398 Improper Validation of Array Index vulnerability in Parallels Desktop
This vulnerability allows local attackers to disclose information on affected installations of Parallels Desktop 15.1.4.
local
low complexity
parallels CWE-129
2.1
2020-08-25 CVE-2020-17397 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Parallels Desktop
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.4.
local
low complexity
parallels CWE-119
4.6
2020-08-25 CVE-2020-17396 Integer Overflow OR Wraparound vulnerability in Parallels Desktop
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.4.
local
low complexity
parallels CWE-190
4.6
2020-08-25 CVE-2020-17395 Integer Underflow (Wrap OR Wraparound) vulnerability in Parallels Desktop
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.4.
local
low complexity
parallels CWE-191
4.6
2020-08-25 CVE-2020-17394 Improper Validation of Array Index vulnerability in Parallels Desktop
This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 15.1.4.
local
low complexity
parallels CWE-129
2.1