Common Weakness Enumeration

CWE-591

Allowed

Sensitive Data Storage in Improperly Locked Memory

Abstraction: Variant · Status: Draft

The product stores sensitive data in memory that is not locked, or that has been incorrectly locked, which might cause the memory to be written to swap files on disk by the virtual memory manager. This can make the data more accessible to external actors.

106 vulnerabilities reference this CWE, most recent first.

GHSA-5VVR-P8H5-FVQJ

Vulnerability from github – Published: 2024-08-13 18:31 – Updated: 2024-08-13 18:31
VLAI
Details

Clipboard Virtual Channel Extension Remote Code Execution Vulnerability

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-38131"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-591"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-08-13T18:15:15Z",
    "severity": "HIGH"
  },
  "details": "Clipboard Virtual Channel Extension Remote Code Execution Vulnerability",
  "id": "GHSA-5vvr-p8h5-fvqj",
  "modified": "2024-08-13T18:31:16Z",
  "published": "2024-08-13T18:31:16Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38131"
    },
    {
      "type": "WEB",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38131"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-62CG-XHWR-XF37

Vulnerability from github – Published: 2023-04-11 21:31 – Updated: 2025-10-22 00:32
VLAI
Details

Windows CNG Key Isolation Service Elevation of Privilege Vulnerability

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-28229"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-591",
      "CWE-662"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-04-11T21:15:00Z",
    "severity": "HIGH"
  },
  "details": "Windows CNG Key Isolation Service Elevation of Privilege Vulnerability",
  "id": "GHSA-62cg-xhwr-xf37",
  "modified": "2025-10-22T00:32:43Z",
  "published": "2023-04-11T21:31:01Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28229"
    },
    {
      "type": "WEB",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28229"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-28229"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6MPR-RPJ5-Q557

Vulnerability from github – Published: 2025-04-08 18:34 – Updated: 2025-04-08 18:34
VLAI
Details

Sensitive data storage in improperly locked memory in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges over a network.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-27484"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-591"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-04-08T18:15:59Z",
    "severity": "HIGH"
  },
  "details": "Sensitive data storage in improperly locked memory in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges over a network.",
  "id": "GHSA-6mpr-rpj5-q557",
  "modified": "2025-04-08T18:34:51Z",
  "published": "2025-04-08T18:34:51Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-27484"
    },
    {
      "type": "WEB",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-27484"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-73P8-JP88-9JJM

Vulnerability from github – Published: 2024-04-09 18:30 – Updated: 2024-04-09 18:30
VLAI
Details

Windows Update Stack Elevation of Privilege Vulnerability

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-26236"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-362",
      "CWE-591"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-04-09T17:15:44Z",
    "severity": "HIGH"
  },
  "details": "Windows Update Stack Elevation of Privilege Vulnerability",
  "id": "GHSA-73p8-jp88-9jjm",
  "modified": "2024-04-09T18:30:26Z",
  "published": "2024-04-09T18:30:26Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26236"
    },
    {
      "type": "WEB",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26236"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-75QR-MXQP-8937

Vulnerability from github – Published: 2024-10-08 18:33 – Updated: 2024-10-08 18:33
VLAI
Details

Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-38262"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-591"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-10-08T18:15:08Z",
    "severity": "HIGH"
  },
  "details": "Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability",
  "id": "GHSA-75qr-mxqp-8937",
  "modified": "2024-10-08T18:33:14Z",
  "published": "2024-10-08T18:33:14Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38262"
    },
    {
      "type": "WEB",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38262"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-787M-4J9V-V659

Vulnerability from github – Published: 2025-05-13 18:30 – Updated: 2025-05-13 18:30
VLAI
Details

Sensitive data storage in improperly locked memory in Remote Desktop Gateway Service allows an unauthorized attacker to deny service over a network.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-30394"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-591"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-05-13T17:16:02Z",
    "severity": "MODERATE"
  },
  "details": "Sensitive data storage in improperly locked memory in Remote Desktop Gateway Service allows an unauthorized attacker to deny service over a network.",
  "id": "GHSA-787m-4j9v-v659",
  "modified": "2025-05-13T18:30:57Z",
  "published": "2025-05-13T18:30:57Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-30394"
    },
    {
      "type": "WEB",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-30394"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-7H9G-R6HV-4Q98

Vulnerability from github – Published: 2025-01-14 18:32 – Updated: 2025-01-14 18:32
VLAI
Details

Microsoft Digest Authentication Remote Code Execution Vulnerability

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-21294"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-591"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-01-14T18:15:51Z",
    "severity": "HIGH"
  },
  "details": "Microsoft Digest Authentication Remote Code Execution Vulnerability",
  "id": "GHSA-7h9g-r6hv-4q98",
  "modified": "2025-01-14T18:32:04Z",
  "published": "2025-01-14T18:32:04Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-21294"
    },
    {
      "type": "WEB",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21294"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-7QV7-C4H7-RW9M

Vulnerability from github – Published: 2025-04-08 18:34 – Updated: 2025-04-08 18:34
VLAI
Details

Sensitive data storage in improperly locked memory in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-27732"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-591",
      "CWE-667"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-04-08T18:16:01Z",
    "severity": "HIGH"
  },
  "details": "Sensitive data storage in improperly locked memory in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.",
  "id": "GHSA-7qv7-c4h7-rw9m",
  "modified": "2025-04-08T18:34:52Z",
  "published": "2025-04-08T18:34:52Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-27732"
    },
    {
      "type": "WEB",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-27732"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-7R2V-48C6-XJMM

Vulnerability from github – Published: 2025-03-11 18:32 – Updated: 2025-03-11 18:32
VLAI
Details

Sensitive data storage in improperly locked memory in Windows Remote Desktop Services allows an unauthorized attacker to execute code over a network.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-24035"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-591"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-03-11T17:16:25Z",
    "severity": "HIGH"
  },
  "details": "Sensitive data storage in improperly locked memory in Windows Remote Desktop Services allows an unauthorized attacker to execute code over a network.",
  "id": "GHSA-7r2v-48c6-xjmm",
  "modified": "2025-03-11T18:32:16Z",
  "published": "2025-03-11T18:32:16Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24035"
    },
    {
      "type": "WEB",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24035"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-99XV-J5QX-85QP

Vulnerability from github – Published: 2024-02-13 18:38 – Updated: 2024-02-13 18:38
VLAI
Details

Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-21355"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-591"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-02-13T18:15:52Z",
    "severity": "HIGH"
  },
  "details": "Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability",
  "id": "GHSA-99xv-j5qx-85qp",
  "modified": "2024-02-13T18:38:23Z",
  "published": "2024-02-13T18:38:23Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-21355"
    },
    {
      "type": "WEB",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21355"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation
Architecture and Design

Identify data that needs to be protected from swapping and choose platform-appropriate protection mechanisms.

Mitigation
Implementation

Check return values to ensure locking operations are successful.

No CAPEC attack patterns related to this CWE.