Parallels Parallels Desktop — known CVE vulnerabilities
Every CVE whose affected-product data names Parallels Parallels Desktop, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (74)
CVE-2021-27243 — CVSS 8.8 (high): This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.0.1-48919. An attacker…
CVE-2020-17400 — CVSS 8.8 (high): This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.4. An attacker must…
CVE-2021-34857 — CVSS 8.8 (high): This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.3 (49160). An attacker…
CVE-2021-34856 — CVSS 8.8 (high): This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.3 (49160). An attacker…
CVE-2021-31426 — CVSS 8.8 (high): This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.2-49151. An attacker…
CVE-2021-31425 — CVSS 8.8 (high): This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.2-49151. An attacker…
CVE-2020-8875 — CVSS 8.8 (high): This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.2-47123. An attacker…
CVE-2021-31424 — CVSS 8.8 (high): This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.5-47309. An attacker…
CVE-2021-27242 — CVSS 8.8 (high): This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.0.1-48919. An attacker…
CVE-2021-31420 — CVSS 8.8 (high): This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.0-48950. An attacker…
CVE-2025-31359 — CVSS 8.8 (high): A directory traversal vulnerability exists in the PVMP package unpacking functionality of Parallels Desktop for Mac version 20.2.2 (55879)…
CVE-2020-17390 — CVSS 8.8 (high): This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.2-47123. An attacker…
CVE-2022-34890 — CVSS 8.8 (high): This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 17.1.1 (51537)…
CVE-2020-17392 — CVSS 8.8 (high): This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.3-47255. An attacker…
CVE-2020-17396 — CVSS 8.8 (high): This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.4. An attacker must…
CVE-2021-34864 — CVSS 8.8 (high): This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.3 (49160). An attacker…
CVE-2020-17399 — CVSS 8.8 (high): This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.4. An attacker must…
CVE-2021-27278 — CVSS 8.2 (high): This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.1-49141. An attacker…
CVE-2023-27326 — CVSS 8.2 (high): Parallels Desktop Toolgate Directory Traversal Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to…
CVE-2020-17395 — CVSS 8.2 (high): This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.4. An attacker must…
CVE-2021-31429 — CVSS 8.2 (high): This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.5-47309. An attacker…
CVE-2020-17397 — CVSS 8.2 (high): This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.4. An attacker must…
CVE-2021-31428 — CVSS 8.2 (high): This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.5-47309. An attacker…
CVE-2022-34889 — CVSS 8.2 (high): This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 17.1.1 (51537). An attacker…
CVE-2021-34987 — CVSS 8.2 (high): This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.5.1 (49187). An attacker…
CVE-2023-50226 — CVSS 7.8 (high): Parallels Desktop Updater Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate…
CVE-2019-17148 — CVSS 7.8 (high): This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop Parallels Desktop version…
CVE-2021-27259 — CVSS 7.8 (high): This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.0.1-48919. An attacker…
CVE-2021-34854 — CVSS 7.8 (high): This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.3 (49160). An attacker…
CVE-2021-34986 — CVSS 7.8 (high): This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.5.0 (49183). An attacker…
CVE-2022-34891 — CVSS 7.8 (high): This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop Parallels Desktop 17.1.1…
CVE-2022-34892 — CVSS 7.8 (high): This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop Parallels Desktop 17.1.1…
CVE-2023-27322 — CVSS 7.8 (high): Parallels Desktop Service Improper Initialization Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to…
CVE-2023-27323 — CVSS 7.8 (high): Parallels Desktop Updater Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to…
CVE-2023-27324 — CVSS 7.8 (high): Parallels Desktop Updater Improper Initialization Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to…
CVE-2023-27325 — CVSS 7.8 (high): Parallels Desktop Updater Improper Initialization Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to…
CVE-2023-27328 — CVSS 7.8 (high): Parallels Desktop Toolgate XML Injection Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate…
CVE-2023-50228 — CVSS 7.8 (high): Parallels Desktop Updater Improper Verification of Cryptographic Signature Local Privilege Escalation Vulnerability. This vulnerability…
CVE-2024-36486 — CVSS 7.8 (high): A privilege escalation vulnerability exists in the virtual machine archive restoration functionality of Parallels Desktop for Mac version…
CVE-2024-52561 — CVSS 7.8 (high): A privilege escalation vulnerability exists in the Snapshot functionality of Parallels Desktop for Mac version 20.1.1 (build 55740). When a…
CVE-2024-54189 — CVSS 7.8 (high): A privilege escalation vulnerability exists in the Snapshot functionality of Parallels Desktop for Mac version 20.1.1 (build 55740). When a…
CVE-2024-6153 — CVSS 7.8 (high): Parallels Desktop Updater Protection Mechanism Failure Software Downgrade Vulnerability. This vulnerability allows local attackers to…
CVE-2024-6240 — CVSS 7.7 (high): Improper privilege management vulnerability in Parallels Desktop Software, which affects versions earlier than 19.3.0. An attacker could…
CVE-2023-27327 — CVSS 7.5 (high): Parallels Desktop Toolgate Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to…
CVE-2021-31422 — CVSS 7.5 (high): This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.1-49141. An attacker…
CVE-2007-1222 — CVSS 7.2 (high): Parallels Desktop for Mac before 20070216 implements Drag and Drop by sharing the entire host filesystem as the .psf share, which allows…
CVE-2007-2454 — CVSS 6.8 (medium): Heap-based buffer overflow in the VGA device in Parallels allows local users, with root access to the guest operating system, to terminate…
CVE-2020-8871 — CVSS 6.7 (medium): This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.0-47107 . An attacker…
CVE-2024-6154 — CVSS 6.7 (medium): Parallels Desktop Toolgate Heap-based Buffer Overflow Local Privilege Escalation Vulnerability. This vulnerability allows local attackers…
CVE-2020-8874 — CVSS 6.7 (medium): This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.2-47123. An attacker…
CVE-2020-8873 — CVSS 6.7 (medium): This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.2-47123. An attacker…
CVE-2021-31417 — CVSS 6.5 (medium): This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 15.1.4-47270. An…
CVE-2020-17393 — CVSS 6.5 (medium): This vulnerability allows local attackers to disclose information on affected installations of Parallels Desktop 15.1.3-47255. An attacker…
CVE-2020-17391 — CVSS 6.5 (medium): This vulnerability allows local attackers to disclose information on affected installations of Parallels Desktop 15.1.3-47255. An attacker…
CVE-2020-17402 — CVSS 6.5 (medium): This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 15.1.4 (47270)…
CVE-2020-17398 — CVSS 6.5 (medium): This vulnerability allows local attackers to disclose information on affected installations of Parallels Desktop 15.1.4. An attacker must…
CVE-2021-27244 — CVSS 6.5 (medium): This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 16.0.1-48919. An…
CVE-2021-34855 — CVSS 6.5 (medium): This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 16.1.3 (49160)…
CVE-2021-31419 — CVSS 6.5 (medium): This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 15.1.4-47270. An…
CVE-2021-31418 — CVSS 6.5 (medium): This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 15.1.4-47270. An…
CVE-2007-2455 — CVSS 6.1 (medium): Parallels allows local users to cause a denial of service (virtual machine abort) via (1) certain INT instructions, as demonstrated by INT…
CVE-2020-17401 — CVSS 6.0 (medium): This vulnerability allows local attackers to disclose sensitive informations on affected installations of Parallels Desktop 15.1.4. An…
CVE-2021-31432 — CVSS 6.0 (medium): This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 15.1.5-47309. An…
CVE-2020-17394 — CVSS 6.0 (medium): This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 15.1.4. An…
CVE-2021-31421 — CVSS 6.0 (medium): This vulnerability allows local attackers to delete arbitrary files on affected installations of Parallels Desktop 16.1.1-49141. An…
CVE-2021-31431 — CVSS 6.0 (medium): This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 15.1.5-47309. An…
CVE-2021-31423 — CVSS 6.0 (medium): This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 15.1.5-47309. An…
CVE-2021-31430 — CVSS 6.0 (medium): This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 15.1.5-47309. An…
CVE-2021-31427 — CVSS 5.6 (medium): This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 15.1.5-47309. An…
CVE-2020-8876 — CVSS 5.5 (medium): This vulnerability allows local attackers to disclose information on affected installations of Parallels Desktop 15.1.2-47123. An attacker…
CVE-2020-8872 — CVSS 4.4 (medium): This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 15.1.1-47117. An…
CVE-2021-27260 — CVSS 3.2 (low): This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 16.0.1-48919. An…
CVE-2006-5817 — CVSS 2.1 (low): prl_dhcpd in Parallels Desktop for Mac Build 1940 uses insecure permissions (0666) for /Library/Parallels/.dhcpd_configuration, which…