Vulnerabilities > Parallels > High

DATE CVE VULNERABILITY TITLE RISK
2024-06-20 CVE-2024-6153 Unspecified vulnerability in Parallels Desktop
Parallels Desktop Updater Protection Mechanism Failure Software Downgrade Vulnerability.
local
low complexity
parallels
7.8
7.8
2022-11-23 CVE-2022-40870 Improper Encoding or Escaping of Output vulnerability in Parallels Remote Application Server 18.0
The Web Client of Parallels Remote Application Server v18.0 is vulnerable to Host Header Injection attacks.
network
high complexity
parallels CWE-116
8.1
8.1
2022-07-18 CVE-2022-34889 Out-of-bounds Read vulnerability in Parallels Desktop 17.1.1(51537)
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 17.1.1 (51537).
local
low complexity
parallels CWE-125
8.2
8.2
2022-07-18 CVE-2022-34890 Untrusted Pointer Dereference vulnerability in Parallels Desktop 17.1.1(51537)
This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 17.1.1 (51537).
local
low complexity
parallels CWE-822
8.8
8.8
2022-07-18 CVE-2022-34891 Unspecified vulnerability in Parallels Desktop 17.1.1
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop Parallels Desktop 17.1.1.
local
low complexity
parallels
7.8
7.8
2022-07-18 CVE-2022-34892 Race Condition vulnerability in Parallels Desktop 17.1.1
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop Parallels Desktop 17.1.1.
local
low complexity
parallels CWE-362
7.8
7.8
2022-07-18 CVE-2022-34899 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Parallels Access 6.5.4(39316)
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Access 6.5.4 (39316) Agent.
local
low complexity
parallels CWE-367
7.8
7.8
2022-07-18 CVE-2022-34900 Uncontrolled Search Path Element vulnerability in Parallels Access 6.5.4(39313)
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Access 6.5.3 (39313) Agent.
local
low complexity
parallels CWE-427
7.8
7.8
2022-07-18 CVE-2022-34901 Uncontrolled Search Path Element vulnerability in Parallels Access 6.5.4(39316)
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Access 6.5.4 (39316) Agent.
local
low complexity
parallels CWE-427
7.8
7.8
2022-07-18 CVE-2022-34902 Uncontrolled Search Path Element vulnerability in Parallels Access 6.5.4(39316)
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Access 6.5.4 (39316) Agent.
local
low complexity
parallels CWE-427
7.8
7.8