Vulnerabilities > Parallels
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-11-23 | CVE-2022-40870 | Improper Encoding or Escaping of Output vulnerability in Parallels Remote Application Server 18.0 The Web Client of Parallels Remote Application Server v18.0 is vulnerable to Host Header Injection attacks. | 8.1 |
| 2022-05-16 | CVE-2022-30777 | Cross-site Scripting vulnerability in Parallels H-Sphere 3.6.2 Parallels H-Sphere 3.6.1713 allows XSS via the index_en.php from parameter. | 4.3 |
| 2022-01-25 | CVE-2021-34867 | Uncontrolled Memory Allocation vulnerability in Parallels 16.1.349160 This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.3-49160. | 7.2 |
| 2022-01-25 | CVE-2021-34868 | Uncontrolled Memory Allocation vulnerability in Parallels 16.1.349160 This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.3-49160. | 7.2 |
| 2022-01-25 | CVE-2021-34869 | Uncontrolled Memory Allocation vulnerability in Parallels 16.1.349160 This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.3-49160. | 7.2 |
| 2021-12-17 | CVE-2020-8968 | Unspecified vulnerability in Parallels Remote Application Server 15.5/17.0 Parallels Remote Application Server (RAS) allows a local attacker to retrieve certain profile password in clear text format by uploading a previously stored cyphered file by Parallels RAS. | 2.1 |
| 2021-10-25 | CVE-2021-34854 | Uncontrolled Memory Allocation vulnerability in Parallels Desktop 16.1.3 This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.3 (49160). | 7.2 |
| 2021-10-25 | CVE-2021-34855 | Use of Uninitialized Resource vulnerability in Parallels Desktop 16.1.3 This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 16.1.3 (49160). | 2.1 |
| 2021-10-25 | CVE-2021-34856 | Out-of-bounds Write vulnerability in Parallels Desktop 16.1.3 This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.3 (49160). | 8.8 |
| 2021-10-25 | CVE-2021-34857 | Out-of-bounds Write vulnerability in Parallels Desktop 16.1.3 This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.3 (49160). | 4.6 |