Home/Product/parallels desktop
Product

parallels desktop

151 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2025-31359
all versions
A directory traversal vulnerability exists in the PVMP package unpacking functionality of Parallels Desktop for Mac version 20.2.2
8.8HIGH
 CVE-2024-54189
all versions
A privilege escalation vulnerability exists in the Snapshot functionality of Parallels Desktop for Mac version 20.1.1 (build 55740
7.8HIGH
 CVE-2024-52561
all versions
A privilege escalation vulnerability exists in the Snapshot functionality of Parallels Desktop for Mac version 20.1.1 (build 55740
7.8HIGH
 CVE-2024-36486
all versions
A privilege escalation vulnerability exists in the virtual machine archive restoration functionality of Parallels Desktop for Mac
7.8HIGH
 CVE-2025-0413
< 19.4.3.2-25228
Parallels Desktop Technical Data Reporter Link Following Local Privilege Escalation Vulnerability. This vulnerability allows loca
7.8HIGH
 CVE-2024-6240
< 19.3.0
Improper privilege management vulnerability in Parallels Desktop Software, which affects versions earlier than 19.3.0. An attacker
7.7HIGH
 CVE-2024-6154
< 18.1.0
Parallels Desktop Toolgate Heap-based Buffer Overflow Local Privilege Escalation Vulnerability. This vulnerability allows local at
6.7MEDIUM
 CVE-2024-6153
< 18.1.0
Parallels Desktop Updater Protection Mechanism Failure Software Downgrade Vulnerability. This vulnerability allows local attackers
7.8HIGH
 CVE-2023-50228
< 19.1.0_\(54729\)
Parallels Desktop Updater Improper Verification of Cryptographic Signature Local Privilege Escalation Vulnerability. This vulnerab
7.8HIGH
 CVE-2023-50227
< 19.1.0_\(54729\)
Parallels Desktop virtio-gpu Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers t
8.3HIGH
 CVE-2023-50226
< 17.1.7_\(51588\)
Parallels Desktop Updater Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to es
7.8HIGH
 CVE-2023-27328
< 18.1.1_\(53328\)
Parallels Desktop Toolgate XML Injection Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to es
7.8HIGH
 CVE-2023-27327
< 18.1.1_\(53328\)
Parallels Desktop Toolgate Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability. This vulnerability allows local att
7.5HIGH
 CVE-2023-27326
< 18.1.1_\(53328\)
Parallels Desktop Toolgate Directory Traversal Local Privilege Escalation Vulnerability. This vulnerability allows local attackers
8.2HIGH
 CVE-2023-27325
< 18.1.0_\(53311\)
Parallels Desktop Updater Improper Initialization Local Privilege Escalation Vulnerability. This vulnerability allows local attack
7.8HIGH
 CVE-2023-27324
< 18.1.0_\(53311\)
Parallels Desktop Updater Improper Initialization Local Privilege Escalation Vulnerability. This vulnerability allows local attack
7.8HIGH
 CVE-2023-27323
< 18.1.0_\(53311\)
Parallels Desktop Updater Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability. This vulnerability allows local atta
7.8HIGH
 CVE-2023-27322
< 18.1.0_\(53311\)
Parallels Desktop Service Improper Initialization Local Privilege Escalation Vulnerability. This vulnerability allows local attack
7.8HIGH
 CVE-2023-45894
< 19.2.23975
The Remote Application Server in Parallels RAS before 19.2.23975 does not segment virtualized applications from the server, which
10.0CRITICAL
 CVE-2022-40870
all versions
The Web Client of Parallels Remote Application Server v18.0 is vulnerable to Host Header Injection attacks. This vulnerability all
8.1HIGH
 CVE-2022-34902
all versions
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Access 6.5.4 (39316) Agent
7.8HIGH
 CVE-2022-34901
all versions
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Access 6.5.4 (39316) Agent
7.8HIGH
 CVE-2022-34900
all versions
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Access 6.5.3 (39313) Agent
7.8HIGH
 CVE-2022-34899
all versions
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Access 6.5.4 (39316) Agent
7.8HIGH
 CVE-2022-34892
all versions
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop Parallels Desktop
7.8HIGH
 CVE-2022-34891
all versions
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop Parallels Desktop
7.8HIGH
 CVE-2022-34890
all versions
This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 17.1.1
8.8HIGH
 CVE-2022-34889
all versions
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 17.1.1 (51537). An
8.2HIGH
 CVE-2021-34987
all versions
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.5.1 (49187). An
8.2HIGH
 CVE-2021-34986
all versions
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.5.0 (49183). An
7.8HIGH
 CVE-2022-30777
all versions
Parallels H-Sphere 3.6.1713 allows XSS via the index_en.php from parameter.
6.1MEDIUM
 CVE-2021-34869
all versions
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.3-49160. An a
8.8HIGH
 CVE-2021-34868
all versions
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.3-49160. An a
8.8HIGH
 CVE-2021-34867
all versions
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.3-49160. An a
8.2HIGH
 CVE-2020-8968
>= 15.5 and <= 17.0
Parallels Remote Application Server (RAS) allows a local attacker to retrieve certain profile password in clear text format by upl
7.1HIGH
 CVE-2021-34864
all versions
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.3 (49160). An
8.8HIGH
 CVE-2021-34857
all versions
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.3 (49160). An
8.8HIGH
 CVE-2021-34856
all versions
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.3 (49160). An
8.8HIGH
 CVE-2021-34855
all versions
This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 16.1.3
6.5MEDIUM
 CVE-2021-34854
all versions
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.3 (49160). An
7.8HIGH
 CVE-2021-31432
all versions
This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 15.1.5-
6.0MEDIUM
 CVE-2021-31431
all versions
This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 15.1.5-
6.0MEDIUM
 CVE-2021-31430
all versions
This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 15.1.5-
6.0MEDIUM
 CVE-2021-31429
all versions
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.5-47309. An a
8.2HIGH
 CVE-2021-31428
all versions
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.5-47309. An a
8.2HIGH
 CVE-2021-31427
all versions
This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 15.1.5-
5.6MEDIUM
 CVE-2021-31426
all versions
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.2-49151. An a
8.8HIGH
 CVE-2021-31425
all versions
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.2-49151. An a
8.8HIGH
 CVE-2021-31424
all versions
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.5-47309. An a
8.8HIGH
 CVE-2021-31423
all versions
This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 15.1.5-
6.0MEDIUM
 CVE-2021-31422
all versions
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.1-49141. An a
7.5HIGH
 CVE-2021-31421
all versions
This vulnerability allows local attackers to delete arbitrary files on affected installations of Parallels Desktop 16.1.1-49141. A
6.0MEDIUM
 CVE-2021-31420
all versions
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.0-48950. An a
8.8HIGH
 CVE-2021-31419
all versions
This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 15.1.4-
6.5MEDIUM
 CVE-2021-31418
all versions
This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 15.1.4-
6.5MEDIUM
 CVE-2021-31417
all versions
This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 15.1.4-
6.5MEDIUM
 CVE-2021-27278
all versions
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.1-49141. An a
8.2HIGH
 CVE-2021-27260
all versions
This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 16.0.1-
3.2LOW
 CVE-2021-27259
all versions
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.0.1-48919. An a
7.8HIGH
 CVE-2021-27244
all versions
This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 16.0.1-
6.5MEDIUM
 CVE-2021-27243
all versions
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.0.1-48919. An a
8.8HIGH
 CVE-2021-27242
all versions
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.0.1-48919. An a
8.8HIGH
 CVE-2020-35710
all versions
Parallels Remote Application Server (RAS) 18 allows remote attackers to discover an intranet IP address because submission of the
5.3MEDIUM
 CVE-2020-17402
< 16.0.0
This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 15.1.4
6.5MEDIUM
 CVE-2020-17401
< 16.0.0
This vulnerability allows local attackers to disclose sensitive informations on affected installations of Parallels Desktop 15.1.4
6.0MEDIUM
 CVE-2020-17400
< 16.0.0
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.4. An attacke
8.8HIGH
 CVE-2020-17399
< 16.0.0
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.4. An attacke
8.8HIGH
 CVE-2020-17398
< 16.0.0
This vulnerability allows local attackers to disclose information on affected installations of Parallels Desktop 15.1.4. An attack
6.5MEDIUM
 CVE-2020-17397
< 16.0.0
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.4. An attacke
8.2HIGH
 CVE-2020-17396
< 16.0.0
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.4. An attacke
8.8HIGH
 CVE-2020-17395
< 16.0.0
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.4. An attacke
8.2HIGH
 CVE-2020-17394
< 16.0.0
This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 15.1.4.
6.0MEDIUM
 CVE-2020-17393
< 15.1.4
This vulnerability allows local attackers to disclose information on affected installations of Parallels Desktop 15.1.3-47255. An
6.5MEDIUM
 CVE-2020-17392
< 16.0.0
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.3-47255. An a
8.8HIGH
 CVE-2020-17391
< 16.0.0
This vulnerability allows local attackers to disclose information on affected installations of Parallels Desktop 15.1.3-47255. An
6.5MEDIUM
 CVE-2020-17390
< 15.1.4
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.2-47123. An a
8.8HIGH
 CVE-2020-15860
all versions
Parallels Remote Application Server (RAS) 17.1.1 has a Business Logic Error causing remote code execution. It allows an authentica
9.9CRITICAL
 CVE-2020-8876
< 15.1.3
This vulnerability allows local attackers to disclose information on affected installations of Parallels Desktop 15.1.2-47123. An
5.5MEDIUM
 CVE-2020-8875
< 15.1.3
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.2-47123. An a
8.8HIGH
 CVE-2020-8874
< 15.1.3
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.2-47123. An a
6.7MEDIUM
 CVE-2020-8873
< 15.1.3
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.2-47123. An a
6.7MEDIUM
 CVE-2020-8872
< 15.1.3
This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 15.1.1-
4.4MEDIUM
 CVE-2020-8871
< 15.1.3
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.0-47107 . An
6.7MEDIUM
 CVE-2020-7213
all versions
Parallels 13 uses cleartext HTTP as part of the update process, allowing man-in-the-middle attacks. Users of out-of-date versions
7.5HIGH
 CVE-2019-17148
all versions
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop Parallels Desktop
7.8HIGH
 CVE-2019-18793
all versions
Parallels Plesk Panel 9.5 allows XSS in target/locales/tr-TR/help/index.htm? via the "fileName" parameter.
6.1MEDIUM
 CVE-2017-9447
all versions
In the web interface of Parallels Remote Application Server (RAS) 15.5 Build 16140, a vulnerability exists due to improper validat
7.5HIGH
 CVE-2013-4878
all versions
The default configuration of Parallels Plesk Panel 9.0.x and 9.2.x on UNIX, and Small Business Panel 10.x on UNIX, has an improper
 CVE-2013-0133
all versions
Untrusted search path vulnerability in /usr/local/psa/admin/sbin/wrapper in Parallels Plesk Panel 11.0.9 allows local users to gai
 CVE-2013-0132
all versions
The suexec implementation in Parallels Plesk Panel 11.0.9 contains a cgi-wrapper whitelist entry, which allows user-assisted remot
 CVE-2012-5004
all versions
Multiple cross-site request forgery (CSRF) vulnerabilities in Parallels H-Sphere 3.3 Patch 1 allow remote attackers to hijack the
 CVE-2012-1557
all versions
SQL injection vulnerability in admin/plib/api-rpc/Agent.php in Parallels Plesk Panel 7.x and 8.x before 8.6 MU#2, 9.x before 9.5 M
 CVE-2011-4856
all versions
The Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 sends incorrect Content-Type headers for certain resources, whi
 CVE-2011-4855
all versions
The Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 omits the Content-Type header's charset parameter for certain r
 CVE-2011-4854
all versions
The Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 does not ensure that Content-Type HTTP headers match the corres
 CVE-2011-4853
all versions
The Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 includes an RFC 1918 IP address within a web page, which allows
 CVE-2011-4852
all versions
The Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 generates web pages containing external links in response to GE
 CVE-2011-4851
all versions
The Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 generates a password form field without disabling the autocompl
 CVE-2011-4850
all versions
The Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 does not include the HTTPOnly flag in a Set-Cookie header for a
 CVE-2011-4849
all versions
The Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 does not set the secure flag for a cookie in an https session,
 CVE-2011-4848
all versions
The Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 includes a submitted password within an HTTP response body, whi
 CVE-2011-4847
all versions
SQL injection vulnerability in the Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 allows remote attackers to execu
 CVE-2011-4777
all versions
Cross-site scripting (XSS) vulnerability in the Site Editor (aka SiteBuilder) feature in Parallels Plesk Panel 10.4.4_build2011110
 CVE-2011-4776
all versions
Multiple cross-site scripting (XSS) vulnerabilities in the Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 allow re
 CVE-2011-4768
all versions
The Site Editor (aka SiteBuilder) feature in Parallels Plesk Small Business Panel 10.2.0 omits the Content-Type header's charset p
 CVE-2011-4767
all versions
The Site Editor (aka SiteBuilder) feature in Parallels Plesk Small Business Panel 10.2.0 has web pages containing e-mail addresses
 CVE-2011-4766
all versions
The Site Editor (aka SiteBuilder) feature in Parallels Plesk Small Business Panel 10.2.0 allows remote attackers to obtain ASP sou
 CVE-2011-4765
all versions
The Site Editor (aka SiteBuilder) feature in Parallels Plesk Small Business Panel 10.2.0 does not include the HTTPOnly flag in a S
 CVE-2011-4764
all versions
Multiple cross-site scripting (XSS) vulnerabilities in the Site Editor (aka SiteBuilder) feature in Parallels Plesk Small Business
 CVE-2011-4763
all versions
Multiple SQL injection vulnerabilities in the Site Editor (aka SiteBuilder) feature in Parallels Plesk Small Business Panel 10.2.0
 CVE-2011-4762
all versions
Parallels Plesk Small Business Panel 10.2.0 sends incorrect Content-Type headers for certain resources, which might allow remote a
 CVE-2011-4761
all versions
Parallels Plesk Small Business Panel 10.2.0 omits the Content-Type header's charset parameter for certain resources, which might a
 CVE-2011-4760
all versions
Parallels Plesk Small Business Panel 10.2.0 has web pages containing e-mail addresses that are not intended for correspondence abo
 CVE-2011-4759
all versions
Parallels Plesk Small Business Panel 10.2.0 generates web pages containing external links in response to GET requests with query s
 CVE-2011-4758
all versions
Parallels Plesk Small Business Panel 10.2.0 receives cleartext password input over HTTP, which allows remote attackers to obtain s
 CVE-2011-4757
all versions
Parallels Plesk Small Business Panel 10.2.0 generates a password form field without disabling the autocomplete feature, which make
 CVE-2011-4756
all versions
Parallels Plesk Small Business Panel 10.2.0 does not include the HTTPOnly flag in a Set-Cookie header for a cookie, which makes it
 CVE-2011-4755
all versions
Parallels Plesk Small Business Panel 10.2.0 does not properly validate string data that is intended for storage in an XML document
 CVE-2011-4754
all versions
Multiple cross-site scripting (XSS) vulnerabilities in Parallels Plesk Small Business Panel 10.2.0 allow remote attackers to injec
 CVE-2011-4753
all versions
Multiple SQL injection vulnerabilities in Parallels Plesk Small Business Panel 10.2.0 allow remote attackers to execute arbitrary
 CVE-2011-4749
all versions
The billing system for Parallels Plesk Panel 10.3.1_build1013110726.09 generates a password form field without disabling the autoc
 CVE-2011-4748
all versions
The billing system for Parallels Plesk Panel 10.3.1_build1013110726.09 has web pages containing e-mail addresses that are not inte
 CVE-2011-4747
all versions
The billing system for Parallels Plesk Panel 10.3.1_build1013110726.09 does not prevent the use of weak ciphers for SSL sessions,
 CVE-2011-4746
all versions
The billing system for Parallels Plesk Panel 10.3.1_build1013110726.09 does not disable the SSL 2.0 protocol, which makes it easie
 CVE-2011-4745
all versions
Multiple cross-site scripting (XSS) vulnerabilities in the billing system for Parallels Plesk Panel 10.3.1_build1013110726.09 allo
 CVE-2011-4744
all versions
The Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 sends incorrect Content-Type headers for certain resources, wh
 CVE-2011-4743
all versions
The Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 omits the Content-Type header's charset parameter for certain
 CVE-2011-4742
all versions
The Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 has web pages containing e-mail addresses that are not intende
 CVE-2011-4741
all versions
The Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 includes a database connection string within a web page, which
 CVE-2011-4740
all versions
The Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 generates web pages containing external links in response to G
 CVE-2011-4739
all versions
The Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 generates a password form field without disabling the autocomp
 CVE-2011-4738
all versions
The Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 does not include the HTTPOnly flag in a Set-Cookie header for
 CVE-2011-4737
all versions
The Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 includes a submitted password within an HTTP response body, wh
 CVE-2011-4736
all versions
The Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 receives cleartext password input over HTTP, which allows remo
 CVE-2011-4735
all versions
Multiple cross-site scripting (XSS) vulnerabilities in the Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 allow r
 CVE-2011-4734
all versions
Multiple SQL injection vulnerabilities in the Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 allow remote attacke
 CVE-2011-4733
all versions
The Server Administration Panel in Parallels Plesk Panel 10.2.0_build1011110331.18 sends incorrect Content-Type headers for certai
 CVE-2011-4732
all versions
The Server Administration Panel in Parallels Plesk Panel 10.2.0_build1011110331.18 omits the Content-Type header's charset paramet
 CVE-2011-4731
all versions
The Server Administration Panel in Parallels Plesk Panel 10.2.0_build1011110331.18 includes an RFC 1918 IP address within a web pa
 CVE-2011-4730
all versions
The Server Administration Panel in Parallels Plesk Panel 10.2.0_build1011110331.18 generates a password form field without disabli
 CVE-2011-4729
all versions
The Server Administration Panel in Parallels Plesk Panel 10.2.0_build1011110331.18 does not include the HTTPOnly flag in a Set-Coo
 CVE-2011-4728
all versions
The Server Administration Panel in Parallels Plesk Panel 10.2.0_build1011110331.18 does not set the secure flag for a cookie in an
 CVE-2011-4727
all versions
The Server Administration Panel in Parallels Plesk Panel 10.2.0_build1011110331.18 does not properly validate string data that is
 CVE-2011-4726
all versions
Multiple cross-site scripting (XSS) vulnerabilities in the Server Administration Panel in Parallels Plesk Panel 10.2.0_build101111
 CVE-2011-4725
all versions
Multiple SQL injection vulnerabilities in the Server Administration Panel in Parallels Plesk Panel 10.2.0_build1011110331.18 allow
 CVE-2008-6465
all versions
Multiple cross-site scripting (XSS) vulnerabilities in login.php in webshell4 in Parallels H-Sphere 3.0.0 P9 and 3.1 P1 allow remo
 CVE-2007-4009
all versions
PHP remote file inclusion vulnerability in admin/business_inc/saveserver.php in SWSoft Confixx Pro 2.0.12 through 3.3.1 allows rem
 CVE-2007-2455
all versions
Parallels allows local users to cause a denial of service (virtual machine abort) via (1) certain INT instructions, as demonstrate
 CVE-2007-2454
all versions
Heap-based buffer overflow in the VGA device in Parallels allows local users, with root access to the guest operating system, to t
 CVE-2007-1222
all versions
Parallels Desktop for Mac before 20070216 implements Drag and Drop by sharing the entire host filesystem as the .psf share, which
 CVE-2006-5817
all versions
prl_dhcpd in Parallels Desktop for Mac Build 1940 uses insecure permissions (0666) for /Library/Parallels/.dhcpd_configuration, wh
SOC and Response
CVE triage
Stack monitoring
Am I affected
IOC triage
KEV catalog
Recently exploited
Daily brief
Change tracking
Detection Engineering
Coverage workspace
Detection coverage
Coverage check
Telemetry ceiling
SIEM query builder
Sigma rules
SIEM rules
YARA rules
Network rules
D3FEND
Threat Hunting
Threat actors
ATT&CK techniques
Attack paths
Indicators
Atomic tests
Red Team and Pentest
Exploitability triage
Recon pack
Attack paths
CAPEC patterns
Adversary emulation
Compliance and GRC
Framework mapping
Control assessment
Audit view
Atlas Search Threat actors Techniques Tools & malware CWE CAPEC KEV catalog Package vulns
About All capabilities Pricing API docs Live status Privacy policy Terms of service
threatengine.sh