CVEbaza.plSłownik CWECWE-591
Common Weakness Enumeration

CWE-591

Sensitive Data Storage in Improperly Locked Memory

Kategoria: VariantCVE: 77
Opis

Produkt przechowuje dane wrażliwe w pamięci, która nie jest zablokowana lub została nieprawidłowo zablokowana, co może spowodować zapisanie danych do plików swap na dysku przez menedżer pamięci wirtualnej. Może to uczynić dane bardziej dostępnymi dla zewnętrznych podmiotów.

Description (EN)

The product stores sensitive data in memory that is not locked, or that has been incorrectly locked, which might cause the memory to be written to swap files on disk by the virtual memory manager. This can make the data more accessible to external actors.

Podatności CVE z CWE-591 (77)
8.8
CVSS
HIGH
CVE-2024-38131

Clipboard Virtual Channel Extension Remote Code Execution Vulnerability

pub. 2024-08-13
8.1
CVSS
HIGH
CVE-2025-26671

Use after free in Windows Remote Desktop Services allows an unauthorized attacker to execute code over a network.

pub. 2025-04-08
8.1
CVSS
HIGH
CVE-2025-27482

Sensitive data storage in improperly locked memory in Remote Desktop Gateway Service allows an unauthorized attacker to execute code over a network.

pub. 2025-04-08
8.1
CVSS
HIGH
CVE-2025-24035

Sensitive data storage in improperly locked memory in Windows Remote Desktop Services allows an unauthorized attacker to execute code over a network.

pub. 2025-03-11
8.1
CVSS
HIGH
CVE-2025-24045

Sensitive data storage in improperly locked memory in Windows Remote Desktop Services allows an unauthorized attacker to execute code over a network.

pub. 2025-03-11
8.1
CVSS
HIGH
CVE-2025-21224

Windows Line Printer Daemon (LPD) Service Remote Code Execution Vulnerability

pub. 2025-01-14
8.1
CVSS
HIGH
CVE-2025-21294

Microsoft Digest Authentication Remote Code Execution Vulnerability

pub. 2025-01-14
8.1
CVSS
HIGH
CVE-2025-21309

Windows Remote Desktop Services Remote Code Execution Vulnerability

pub. 2025-01-14
8.1
CVSS
HIGH
CVE-2024-49106

Windows Remote Desktop Services Remote Code Execution Vulnerability

pub. 2024-12-12
8.1
CVSS
HIGH
CVE-2024-49108

Windows Remote Desktop Services Remote Code Execution Vulnerability

pub. 2024-12-12
8.1
CVSS
HIGH
CVE-2024-49115

Windows Remote Desktop Services Remote Code Execution Vulnerability

pub. 2024-12-12
8.1
CVSS
HIGH
CVE-2024-49123

Windows Remote Desktop Services Remote Code Execution Vulnerability

pub. 2024-12-12
8.1
CVSS
HIGH
CVE-2024-49126

Windows Local Security Authority Subsystem Service (LSASS) Remote Code Execution Vulnerability

pub. 2024-12-12
8.1
CVSS
HIGH
CVE-2024-49128

Sensitive data storage in improperly locked memory in Windows Remote Desktop Services allows an unauthorized attacker to execute code over a network.

pub. 2024-12-12
8.1
CVSS
HIGH
CVE-2024-49132

Windows Remote Desktop Services Remote Code Execution Vulnerability

pub. 2024-12-12
8.1
CVSS
HIGH
CVE-2023-28283

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability

pub. 2023-05-09
8.1
CVSS
HIGH
CVE-2023-28219

Layer 2 Tunneling Protocol Remote Code Execution Vulnerability

pub. 2023-04-11
8.1
CVSS
HIGH
CVE-2023-28220

Layer 2 Tunneling Protocol Remote Code Execution Vulnerability

pub. 2023-04-11
8.1
CVSS
HIGH
CVE-2023-21535

Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability

pub. 2023-01-10
8.1
CVSS
HIGH
CVE-2023-21546

Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability

pub. 2023-01-10
Pokazano 20 z 77 podatności
Informacje
ID: CWE-591
Typ: Variant
Podatności: 77
MITRE CWE ↗
← Słownik CWE