Vulnerabilities > Parallels > High

DATE CVE VULNERABILITY TITLE RISK
2024-06-20 CVE-2024-6153 Unspecified vulnerability in Parallels Desktop
Parallels Desktop Updater Protection Mechanism Failure Software Downgrade Vulnerability.
local
low complexity
parallels
7.8
7.8
2022-11-23 CVE-2022-40870 Improper Encoding or Escaping of Output vulnerability in Parallels Remote Application Server 18.0
The Web Client of Parallels Remote Application Server v18.0 is vulnerable to Host Header Injection attacks.
network
high complexity
parallels CWE-116
8.1
8.1
2022-01-25 CVE-2021-34867 Uncontrolled Memory Allocation vulnerability in Parallels 16.1.349160
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.3-49160.
local
low complexity
parallels CWE-789
7.2
7.2
2022-01-25 CVE-2021-34868 Uncontrolled Memory Allocation vulnerability in Parallels 16.1.349160
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.3-49160.
local
low complexity
parallels CWE-789
7.2
7.2
2022-01-25 CVE-2021-34869 Uncontrolled Memory Allocation vulnerability in Parallels 16.1.349160
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.3-49160.
local
low complexity
parallels CWE-789
7.2
7.2
2021-12-17 CVE-2020-8968 Unspecified vulnerability in Parallels Remote Application Server 15.5/17.0
Parallels Remote Application Server (RAS) allows a local attacker to retrieve certain profile password in clear text format by uploading a previously stored cyphered file by Parallels RAS.
local
low complexity
parallels
7.1
7.1
2021-10-25 CVE-2021-34854 Uncontrolled Memory Allocation vulnerability in Parallels Desktop 16.1.3
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.3 (49160).
local
low complexity
parallels CWE-789
7.2
7.2
2021-10-25 CVE-2021-34856 Out-of-bounds Write vulnerability in Parallels Desktop 16.1.3
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.3 (49160).
local
low complexity
parallels CWE-787
8.8
8.8
2021-10-25 CVE-2021-34864 Unspecified vulnerability in Parallels Desktop 16.1.3
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.3 (49160).
local
low complexity
parallels
8.8
8.8
2021-04-29 CVE-2021-31426 Integer Overflow or Wraparound vulnerability in Parallels Desktop 16.1.249151
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.2-49151.
local
low complexity
parallels CWE-190
7.2
7.2