Latest Parallels Vulnerabilities

CVE-2023-50227
Parallels Desktop virtio-gpu Out-Of-Bounds Write Remote Code Execution Vulnerability
Parallels Desktop
CVE-2023-50228
Parallels Desktop Updater Improper Verification of Cryptographic Signature Local Privilege Escalation Vulnerability
Parallels Desktop
CVE-2023-50226
Parallels Desktop Updater Link Following Local Privilege Escalation Vulnerability
Parallels Desktop
CVE-2023-27328
Parallels Desktop Toolgate XML Injection Local Privilege Escalation Vulnerability
Parallels Desktop
CVE-2023-27327
Parallels Desktop Toolgate Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability
Parallels Desktop
CVE-2023-27326
Parallels Desktop Toolgate Directory Traversal Local Privilege Escalation Vulnerability
Parallels Desktop
CVE-2023-27325
Parallels Desktop Updater Improper Initialization Local Privilege Escalation Vulnerability
Parallels Desktop
CVE-2023-27324
Parallels Desktop Updater Improper Initialization Local Privilege Escalation Vulnerability
Parallels Desktop
CVE-2023-27323
Parallels Desktop Updater Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability
Parallels Desktop
CVE-2023-27322
Parallels Desktop Service Improper Initialization Local Privilege Escalation Vulnerability
Parallels Desktop
ZDI-23-1804
Parallels Desktop virtio-gpu Out-Of-Bounds Write Remote Code Execution Vulnerability
Parallels Desktop
ZDI-23-1803
Parallels Desktop Updater Improper Verification of Cryptographic Signature Local Privilege Escalation Vulnerability
Parallels Desktop
ZDI-CAN-21260
ZDI-23-1804: Parallels Desktop virtio-gpu Out-Of-Bounds Write Remote Code Execution Vulnerability
Parallels Desktop
ZDI-CAN-21227
ZDI-23-1805: Parallels Desktop Updater Link Following Local Privilege Escalation Vulnerability
Parallels Desktop
ZDI-23-1805
Parallels Desktop Updater Link Following Local Privilege Escalation Vulnerability
Parallels Desktop
ZDI-CAN-21817
ZDI-23-1803: Parallels Desktop Updater Improper Verification of Cryptographic Signature Local Privilege Escalation Vulnerability
Parallels Desktop
CVE-2023-45894
The Remote Application Server in Parallels RAS before 19.2.23975 does not segment virtualized applications from the server, which allows a remote attacker to achieve remote code execution via standard...
Parallels Remote Application Server<19.2.23975
ZDI-23-221
Parallels Desktop Toolgate Directory Traversal Local Privilege Escalation Vulnerability
Parallels Desktop
ZDI-CAN-17751
ZDI-23-216: Parallels Desktop Service Improper Initialization Local Privilege Escalation Vulnerability
Parallels Desktop
ZDI-CAN-18253
ZDI-23-219: Parallels Desktop Updater Improper Initialization Local Privilege Escalation Vulnerability
Parallels Desktop
ZDI-23-220
Parallels Desktop Toolgate XML Injection Local Privilege Escalation Vulnerability
Parallels Desktop
ZDI-CAN-18229
ZDI-23-218: Parallels Desktop Updater Improper Initialization Local Privilege Escalation Vulnerability
Parallels Desktop
ZDI-CAN-18933
ZDI-23-221: Parallels Desktop Toolgate Directory Traversal Local Privilege Escalation Vulnerability
Parallels Desktop
ZDI-23-219
Parallels Desktop Updater Improper Initialization Local Privilege Escalation Vulnerability
Parallels Desktop
ZDI-CAN-19187
ZDI-23-220: Parallels Desktop Toolgate XML Injection Local Privilege Escalation Vulnerability
Parallels Desktop
ZDI-23-217
Parallels Desktop Updater Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability
Parallels Desktop
ZDI-CAN-18964
ZDI-23-215: Parallels Desktop Toolgate Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability
Parallels Desktop
ZDI-CAN-18150
ZDI-23-217: Parallels Desktop Updater Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability
Parallels Desktop
ZDI-23-216
Parallels Desktop Service Improper Initialization Local Privilege Escalation Vulnerability
Parallels Desktop
ZDI-23-218
Parallels Desktop Updater Improper Initialization Local Privilege Escalation Vulnerability
Parallels Desktop
ZDI-23-215
Parallels Desktop Toolgate Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability
Parallels Desktop
CVE-2022-40870
The Web Client of Parallels Remote Application Server v18.0 is vulnerable to Host Header Injection attacks. This vulnerability allows attackers to execute arbitrary commands via a crafted payload inje...
Parallels Remote Application Server=18.0
CVE-2022-34891
Parallels Desktop Updater Incorrect Permission Assignment Local Privilege Escalation Vulnerability
Parallels Parallels Desktop=17.1.1
Parallels Desktop
CVE-2022-34892
Parallels Desktop Updater Race Condition Local Privilege Escalation Vulnerability
Parallels Parallels Desktop=17.1.1
Parallels Desktop
CVE-2022-34899
Parallels Access Agent Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability
Parallels Parallels Access=6.5.4_\(39316\)
Parallels Access
CVE-2022-34902
Parallels Access Agent Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
Parallels Access
Parallels Parallels Access=6.5.4_\(39316\)
CVE-2022-34901
Parallels Access Agent Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
Parallels Parallels Access=6.5.4_\(39316\)
Parallels Access
CVE-2022-34900
Parallels Access Agent Uncontrolled Search Path Element Privilege Escalation Vulnerability
Parallels Parallels Access=6.5.4_\(39313\)
Parallels Access
CVE-2021-34986
Parallels Desktop Service Time-Of-Check Time-Of-Use Privilege Escalation Vulnerability
Parallels Desktop=16.5.0
Parallels Desktop
CVE-2021-34987
Parallels Desktop HDAudio Buffer Overflow Local Privilege Escalation Vulnerability
Parallels Desktop=16.5.1
Parallels Desktop
CVE-2022-30777
Parallels H-Sphere 3.6.1713 allows XSS via the index_en.php from parameter.
Parallels H-Sphere=3.6.2
CVE-2021-34867
Parallels Desktop Toolgate Uncontrolled Memory Allocation Privilege Escalation Vulnerability
Parallels Desktop
Parallels Parallels=16.1.3-49160
CVE-2021-34869
Parallels Desktop Toolgate Uncontrolled Memory Allocation Privilege Escalation Vulnerability
Parallels Desktop
Parallels Parallels=16.1.3-49160
CVE-2021-34868
Parallels Desktop Toolgate Uncontrolled Memory Allocation Privilege Escalation Vulnerability
Parallels Parallels=16.1.3-49160
Parallels Desktop
CVE-2020-8968
Parallels Remote Application Server credentials management errors
Parallels Remote Application Server>=15.5<=17.0
CVE-2021-34857
(Pwn2Own) Parallels Desktop Toolgate Out-Of-Bounds Write Privilege Escalation Vulnerability
Parallels Desktop
Parallels Desktop=16.1.3
CVE-2021-34856
(Pwn2Own) Parallels Desktop virtio-gpu Memory Corruption Privilege Escalation Vulnerability
Parallels Desktop
Parallels Desktop=16.1.3
CVE-2021-34855
(Pwn2Own) Parallels Desktop Toolgate Uninitialized Memory Information Disclosure Vulnerability
Parallels Desktop
Parallels Desktop=16.1.3
CVE-2021-34854
(Pwn2Own) Parallels Desktop Toolgate Uncontrolled Memory Allocation Privilege Escalation Vulnerability
Parallels Desktop=16.1.3
Parallels Desktop
CVE-2021-31418
Parallels Desktop Toolgate Uninitialized Memory Information Disclosure Vulnerability
Parallels Desktop
Parallels Parallels Desktop=15.1.4-47270

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203