72 matches found
Microsoft Streaming Service Denial of Service Vulnerability
Sensitive data storage in improperly locked memory in Microsoft Streaming Service allows an unauthorized attacker to deny service over a network...
Windows TCP/IP Remote Code Execution Vulnerability
Sensitive data storage in improperly locked memory in Windows TCP/IP allows an unauthorized attacker to execute code over a network...
Windows Remote Desktop Services Remote Code Execution Vulnerability
Sensitive data storage in improperly locked memory in Remote Desktop Gateway Service allows an unauthorized attacker to execute code over a network...
Windows Kernel Elevation of Privilege Vulnerability
Sensitive data storage in improperly locked memory in Windows Kernel allows an authorized attacker to elevate privileges locally...
Windows Graphics Component Elevation of Privilege Vulnerability
Sensitive data storage in improperly locked memory in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally...
Windows Universal Plug and Play (UPnP) Device Host Elevation of Privilege Vulnerability
Sensitive data storage in improperly locked memory in Windows Universal Plug and Play UPnP Device Host allows an authorized attacker to elevate privileges over a network...
PT-2025-15556 · Microsoft · Windows Win32K +1
Name of the Vulnerable Software and Affected Versions: Windows Win32K - GRFX affected versions not specified Description: The issue concerns sensitive data storage in improperly locked memory, allowing an authorized attacker to elevate privileges locally. Recommendations: At the moment, there is ...
CVE-2025-24045
Sensitive data storage in improperly locked memory in Windows Remote Desktop Services allows an unauthorized attacker to execute code over a network...
CVE-2025-24045
Sensitive data storage in improperly locked memory in Windows Remote Desktop Services allows an unauthorized attacker to execute code over a network...
CVE-2025-24035
Sensitive data storage in improperly locked memory in Windows Remote Desktop Services allows an unauthorized attacker to execute code over a network...
CVE-2025-24045
CVE-2025-24045 is listed in EU/NCSC sources as a Windows Remote Desktop Services remote code execution vulnerability with high impact (CVSS around 8.1–8.8; labeled Execute random code). Connected documents corroborate that this CVE is tied to Windows Remote Desktop Services/Client components and ...
CVE-2025-24035
CVE-2025-24035 affects Windows Remote Desktop Services. The connected data corroborates a remote code execution risk over a network, arising from memory handling (sensitive data stored in improperly locked memory). The impact is described as executing arbitrary code, with the network as the attac...
Windows Remote Desktop Services Remote Code Execution Vulnerability
Sensitive data storage in improperly locked memory in Windows Remote Desktop Services allows an unauthorized attacker to execute code over a network...
Windows Remote Desktop Services Remote Code Execution Vulnerability
Sensitive data storage in improperly locked memory in Windows Remote Desktop Services allows an unauthorized attacker to execute code over a network...
PT-2025-10800 · Microsoft · Windows Remote Desktop Services +1
Name of the Vulnerable Software and Affected Versions: Windows Remote Desktop Services affected versions not specified Windows Server 2019 version 10.0.17763.0 Description: The issue is related to sensitive data storage in improperly locked memory in Windows Remote Desktop Services, allowing an...
KB5053594: Windows 10 Version 1607 / Windows Server 2016 Security Update (March 2025)
The remote Windows host is missing security update 5053594. It is, therefore, affected by multiple vulnerabilities - Relative path traversal in Remote Desktop Client allows an unauthorized attacker to execute code over a network. CVE-2025-26645 - Sensitive data storage in improperly locked memory...
KB5053618: Windows 10 LTS 1507 Security Update (March 2025)
The remote Windows host is missing security update 5053618. It is, therefore, affected by multiple vulnerabilities - Relative path traversal in Remote Desktop Client allows an unauthorized attacker to execute code over a network. CVE-2025-26645 - Sensitive data storage in improperly locked memory...
CVE-2024-9334 Information Disclosure in E-Kent's Pallium Vehicle Tracking
Use of Hard-coded Credentials, Storage of Sensitive Data in a Mechanism without Access Control vulnerability in E-Kent Pallium Vehicle Tracking allows Authentication Bypass. This issue affects Pallium Vehicle Tracking: before 17.10.2024...
PT-2025-8941 · E Kent · E-Kent Pallium Vehicle Tracking
Name of the Vulnerable Software and Affected Versions: E-Kent Pallium Vehicle Tracking versions prior to 17.10.2024 Description: The issue affects the authentication mechanism of the software, allowing for authentication bypass due to the use of hard-coded credentials and storage of sensitive dat...
The vulnerability of the Identity Manager software component, used for managing and controlling access to corporate resources and IBM Security Verify Governance applications, allows a perpetrator to execute a type of “man-in-the-middle” attack.
The vulnerability of the Identity Manager software component, which is used for managing and controlling access to corporate resources and applications in IBM Security Verify Governance, relates to the storage of sensitive data in an open manner. Exploiting this vulnerability could allow a...