Lucene search
+L

72 matches found

Microsoft CVE
Microsoft CVE
added 2025/04/08 7:0 a.m.15 views

Microsoft Streaming Service Denial of Service Vulnerability

Sensitive data storage in improperly locked memory in Microsoft Streaming Service allows an unauthorized attacker to deny service over a network...

5.9CVSS6.7AI score0.01167EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/04/08 7:0 a.m.51 views

Windows TCP/IP Remote Code Execution Vulnerability

Sensitive data storage in improperly locked memory in Windows TCP/IP allows an unauthorized attacker to execute code over a network...

7.5CVSS7.2AI score0.01499EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/04/08 7:0 a.m.13 views

Windows Remote Desktop Services Remote Code Execution Vulnerability

Sensitive data storage in improperly locked memory in Remote Desktop Gateway Service allows an unauthorized attacker to execute code over a network...

8.1CVSS7.4AI score0.01734EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/04/08 7:0 a.m.21 views

Windows Kernel Elevation of Privilege Vulnerability

Sensitive data storage in improperly locked memory in Windows Kernel allows an authorized attacker to elevate privileges locally...

7.8CVSS6.8AI score0.00445EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/04/08 7:0 a.m.17 views

Windows Graphics Component Elevation of Privilege Vulnerability

Sensitive data storage in improperly locked memory in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally...

7CVSS6.8AI score0.0033EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/04/08 7:0 a.m.14 views

Windows Universal Plug and Play (UPnP) Device Host Elevation of Privilege Vulnerability

Sensitive data storage in improperly locked memory in Windows Universal Plug and Play UPnP Device Host allows an authorized attacker to elevate privileges over a network...

7.5CVSS6.8AI score0.00746EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2025/04/02 12:0 a.m.2 views

PT-2025-15556 · Microsoft · Windows Win32K +1

Name of the Vulnerable Software and Affected Versions: Windows Win32K - GRFX affected versions not specified Description: The issue concerns sensitive data storage in improperly locked memory, allowing an authorized attacker to elevate privileges locally. Recommendations: At the moment, there is ...

7CVSS8.3AI score0.0033EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/03/13 6:48 p.m.17 views

CVE-2025-24045

Sensitive data storage in improperly locked memory in Windows Remote Desktop Services allows an unauthorized attacker to execute code over a network...

8.1CVSS8.7AI score0.01353EPSS
Exploits0References3
OSV
OSV
added 2025/03/11 5:16 p.m.3 views

CVE-2025-24045

Sensitive data storage in improperly locked memory in Windows Remote Desktop Services allows an unauthorized attacker to execute code over a network...

8.1CVSS5.9AI score0.01353EPSS
Exploits0References1
NVD
NVD
added 2025/03/11 5:16 p.m.25 views

CVE-2025-24035

Sensitive data storage in improperly locked memory in Windows Remote Desktop Services allows an unauthorized attacker to execute code over a network...

8.1CVSS0.01744EPSS
Exploits0References1
CVE
CVE
added 2025/03/11 4:59 p.m.131 views

CVE-2025-24045

CVE-2025-24045 is listed in EU/NCSC sources as a Windows Remote Desktop Services remote code execution vulnerability with high impact (CVSS around 8.1–8.8; labeled Execute random code). Connected documents corroborate that this CVE is tied to Windows Remote Desktop Services/Client components and ...

8.1CVSS8.2AI score0.01353EPSS
Exploits0References1Affected Software6
CVE
CVE
added 2025/03/11 4:58 p.m.163 views

CVE-2025-24035

CVE-2025-24035 affects Windows Remote Desktop Services. The connected data corroborates a remote code execution risk over a network, arising from memory handling (sensitive data stored in improperly locked memory). The impact is described as executing arbitrary code, with the network as the attac...

8.1CVSS8.2AI score0.01744EPSS
Exploits0References1Affected Software15
Microsoft CVE
Microsoft CVE
added 2025/03/11 7:0 a.m.36 views

Windows Remote Desktop Services Remote Code Execution Vulnerability

Sensitive data storage in improperly locked memory in Windows Remote Desktop Services allows an unauthorized attacker to execute code over a network...

8.1CVSS7.4AI score0.01744EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/03/11 7:0 a.m.30 views

Windows Remote Desktop Services Remote Code Execution Vulnerability

Sensitive data storage in improperly locked memory in Windows Remote Desktop Services allows an unauthorized attacker to execute code over a network...

8.1CVSS7.4AI score0.01353EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2025/03/11 12:0 a.m.1 views

PT-2025-10800 · Microsoft · Windows Remote Desktop Services +1

Name of the Vulnerable Software and Affected Versions: Windows Remote Desktop Services affected versions not specified Windows Server 2019 version 10.0.17763.0 Description: The issue is related to sensitive data storage in improperly locked memory in Windows Remote Desktop Services, allowing an...

8.1CVSS8.9AI score0.01353EPSS
Exploits0References18
Tenable Nessus
Tenable Nessus
added 2025/03/11 12:0 a.m.137 views

KB5053594: Windows 10 Version 1607 / Windows Server 2016 Security Update (March 2025)

The remote Windows host is missing security update 5053594. It is, therefore, affected by multiple vulnerabilities - Relative path traversal in Remote Desktop Client allows an unauthorized attacker to execute code over a network. CVE-2025-26645 - Sensitive data storage in improperly locked memory...

8.8CVSS7.8AI score0.58974EPSS
Exploits45References34
Tenable Nessus
Tenable Nessus
added 2025/03/11 12:0 a.m.28 views

KB5053618: Windows 10 LTS 1507 Security Update (March 2025)

The remote Windows host is missing security update 5053618. It is, therefore, affected by multiple vulnerabilities - Relative path traversal in Remote Desktop Client allows an unauthorized attacker to execute code over a network. CVE-2025-26645 - Sensitive data storage in improperly locked memory...

8.8CVSS7.8AI score0.58974EPSS
Exploits45References29
Cvelist
Cvelist
added 2025/02/27 1:54 p.m.15 views

CVE-2024-9334 Information Disclosure in E-Kent's Pallium Vehicle Tracking

Use of Hard-coded Credentials, Storage of Sensitive Data in a Mechanism without Access Control vulnerability in E-Kent Pallium Vehicle Tracking allows Authentication Bypass. This issue affects Pallium Vehicle Tracking: before 17.10.2024...

8.2CVSS0.00335EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/02/27 12:0 a.m.5 views

PT-2025-8941 · E Kent · E-Kent Pallium Vehicle Tracking

Name of the Vulnerable Software and Affected Versions: E-Kent Pallium Vehicle Tracking versions prior to 17.10.2024 Description: The issue affects the authentication mechanism of the software, allowing for authentication bypass due to the use of hard-coded credentials and storage of sensitive dat...

8.2CVSS7.5AI score0.00335EPSS
Exploits0References6
BDU FSTEC
BDU FSTEC
added 2025/02/03 12:0 a.m.12 views

The vulnerability of the Identity Manager software component, used for managing and controlling access to corporate resources and IBM Security Verify Governance applications, allows a perpetrator to execute a type of “man-in-the-middle” attack.

The vulnerability of the Identity Manager software component, which is used for managing and controlling access to corporate resources and applications in IBM Security Verify Governance, relates to the storage of sensitive data in an open manner. Exploiting this vulnerability could allow a...

5.9CVSS5.6AI score0.0023EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder