Vulnerabilities > Parallels > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-03-29 CVE-2021-27242 Out-of-bounds Write vulnerability in Parallels Desktop 16.0.1
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.0.1-48919.
local
low complexity
parallels CWE-787
4.6
4.6
2020-12-25 CVE-2020-35710 Information Exposure vulnerability in Parallels Remote Application Server 18.0
Parallels Remote Application Server (RAS) 18 allows remote attackers to discover an intranet IP address because submission of the login form (even with blank credentials) provides this address to the attacker's client for use as a "host" value.
network
low complexity
parallels CWE-200
5.0
5.0
2020-08-25 CVE-2020-17400 Improper Validation of Array Index vulnerability in Parallels Desktop
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.4.
local
low complexity
parallels CWE-129
4.6
4.6
2020-08-25 CVE-2020-17399 Improper Validation of Array Index vulnerability in Parallels Desktop
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.4.
local
low complexity
parallels CWE-129
4.6
4.6
2020-08-25 CVE-2020-17397 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Parallels Desktop
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.4.
local
low complexity
parallels CWE-119
4.6
4.6
2020-08-25 CVE-2020-17396 Integer Overflow or Wraparound vulnerability in Parallels Desktop
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.4.
local
low complexity
parallels CWE-190
4.6
4.6
2020-08-25 CVE-2020-17395 Integer Underflow (Wrap or Wraparound) vulnerability in Parallels Desktop
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.4.
local
low complexity
parallels CWE-191
4.6
4.6
2020-08-25 CVE-2020-17392 Untrusted Pointer Dereference vulnerability in Parallels Desktop
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.3-47255.
local
low complexity
parallels CWE-822
4.6
4.6
2020-08-25 CVE-2020-17390 Out-of-bounds Read vulnerability in Parallels Desktop
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.2-47123.
local
low complexity
parallels CWE-125
4.6
4.6
2020-03-23 CVE-2020-8874 Integer Overflow or Wraparound vulnerability in Parallels Desktop
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.2-47123.
local
low complexity
parallels CWE-190
4.6
4.6