cbcvebase.

Parallels vulnerabilities

5 known vulnerabilities affecting parallels/parallels.

Total CVEs
5
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH5

Vulnerabilities

Page 1 of 1
CVE-2021-34868P3HIGHCVSS 8.8v16.1.3-491602022-01-25
CVE-2021-34868 [HIGH] CWE-789 CVE-2021-34868: This vulnerability allows local attackers to escalate privileges on affected installations of Parall This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.3-49160. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the Toolgate component. The issue results from the lack
nvd
CVE-2021-34869P3HIGHCVSS 8.8v16.1.3-491602022-01-25
CVE-2021-34869 [HIGH] CWE-789 CVE-2021-34869: This vulnerability allows local attackers to escalate privileges on affected installations of Parall This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.3-49160. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the Toolgate component. The issue results from the lack
nvd
CVE-2025-0413P3HIGHCVSS 7.8≥ 19.0-23304, < 19.4.3-25221≥ 20.0-25389, < 20.2-258892025-02-05
CVE-2025-0413 [HIGH] CWE-59 CVE-2025-0413: Parallels Desktop Technical Data Reporter Link Following Local Privilege Escalation Vulnerability. Parallels Desktop Technical Data Reporter Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target host system in order to exploit this vulnerability. The sp
nvd
CVE-2021-34867P3HIGHCVSS 8.2v16.1.3-491602022-01-25
CVE-2021-34867 [HIGH] CWE-789 CVE-2021-34867: This vulnerability allows local attackers to escalate privileges on affected installations of Parall This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.3-49160. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the Toolgate component. The issue results from the lac
nvd
CVE-2020-7213P4HIGHCVSS 7.5v132020-01-21
CVE-2020-7213 [HIGH] CWE-312 CVE-2020-7213: Parallels 13 uses cleartext HTTP as part of the update process, allowing man-in-the-middle attacks. Parallels 13 uses cleartext HTTP as part of the update process, allowing man-in-the-middle attacks. Users of out-of-date versions are presented with a pop-up window for a parallels_updates.xml file on the http://update.parallels.com web site.
nvd
Parallels vulnerabilities | cvebase