Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-591

CWE-591

Sensitive Data Storage in Improperly Locked Memory

Parent: CWE-413 - Improper Resource Locking

The product stores sensitive data in memory that is not locked, or that has been incorrectly locked, which might cause the memory to be written to swap files on disk by the virtual memory manager. This can make the data more accessible to external actors.

77 vulnerabilities with CWE-591

CVE-2025-11711 MEDIUM

Firefox <144 - XSS

CVE-2025-48819 HIGH

Windows UPnP Device Host - Privilege Escalation

CVE-2025-30394 MEDIUM

Remote Desktop Gateway Service - DoS

CVE-2025-27732 HIGH

Windows Win32K - GRFX Privilege Escalation via Improper Memory Locking

CVE-2025-27484 HIGH

Windows UPnP Device Host - Privilege Escalation

CVE-2025-27482 HIGH

Remote Desktop Gateway Service - Memory Corruption

CVE-2025-27475 HIGH

Windows Update Stack - Privilege Escalation

CVE-2025-27471 MEDIUM

Microsoft Windows - Denial of Service via Sensitive Data Storage in Improperly Locked Memory

CVE-2025-26686 HIGH

Windows TCP/IP < - Memory Corruption

CVE-2025-26671 HIGH

Windows Server 2008-2025 Use-After-Free in Remote Desktop Services

CVE-2025-26665 HIGH

Windows upnphost.dll - Privilege Escalation

CVE-2025-26648 HIGH

Windows Kernel - Privilege Escalation

CVE-2025-24045 HIGH

Windows Remote Desktop Services - Memory Corruption

CVE-2025-24035 HIGH

Windows Remote Desktop Services - Memory Corruption

CVE-2025-21309 HIGH

Microsoft Windows Server 2012 - Remote Code Execution

CVE-2025-21294 HIGH

Windows 10 1507-24H2 and Windows Server 2008-2012 - Remote Code Execution via Digest Authentication

CVE-2025-21224 HIGH

Windows Line Printer Daemon Service - Remote Code Execution

CVE-2024-49132 HIGH

Windows Remote Desktop Services - Remote Code Execution via Race Condition

CVE-2024-49128 HIGH

Windows Server RCE via Improperly Locked Memory

CVE-2024-49126 HIGH

Windows LSASS - Remote Code Execution via Race Condition

CVE-2024-49123 HIGH

Windows Remote Desktop Services - Remote Code Execution via Race Condition

CVE-2024-49115 HIGH

Windows Server RCE via Race Condition (2016, 2019, 2022, 2022 23H2, 2025)

CVE-2024-49108 HIGH

Windows Server 2016-2025 - Remote Code Execution via Remote Desktop Services Race Condition

CVE-2024-49106 HIGH

Windows Server RCE via Race Condition in Remote Desktop Services

CVE-2024-49097 HIGH

Windows PrintWorkflowUserSvc - Elevation of Privilege via Race Condition

Page 1 of 4 Next

Details

Vulnerabilities 77

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy