CWE-591

Total CVEs

63

Vulnerabilities

Avg CVSS v3

7.2

High

Latest CVE

2025

Most Recent

Severity Distribution

Critical 0

0%

High 50

79.4%

Medium 13

20.6%

Low 0

0%

External References

Official CWE definition

Search CVEs by CWE

All CVEs (63)

Page 1 of 3

CVE-2024-38131

HIGH

CVSS:8.8(High)

Clipboard Virtual Channel Extension Remote Code Execution Vulnerability

CVE-2025-27482

HIGH

CVSS:8.1(High)

Sensitive data storage in improperly locked memory in Remote Desktop Gateway Service allows an unauthorized attacker to execute code over a network.

CVE-2025-24045

HIGH

CVSS:8.1(High)

Sensitive data storage in improperly locked memory in Windows Remote Desktop Services allows an unauthorized attacker to execute code over a network.

CVE-2025-24035

HIGH

CVSS:8.1(High)

Sensitive data storage in improperly locked memory in Windows Remote Desktop Services allows an unauthorized attacker to execute code over a network.

CVE-2025-21309

HIGH

CVSS:8.1(High)

Windows Remote Desktop Services Remote Code Execution Vulnerability

CVE-2025-21294

HIGH

CVSS:8.1(High)

Microsoft Digest Authentication Remote Code Execution Vulnerability

CVE-2024-49123

HIGH

CVSS:8.1(High)

Windows Remote Desktop Services Remote Code Execution Vulnerability

CVE-2023-36005

HIGH

CVSS:8.1(High)

Windows Telephony Server Elevation of Privilege Vulnerability

CVE-2023-28283

HIGH

CVSS:8.1(High)

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability

CVE-2023-28220

HIGH

CVSS:8.1(High)

Layer 2 Tunneling Protocol Remote Code Execution Vulnerability

CVE-2023-28219

HIGH

CVSS:8.1(High)

Layer 2 Tunneling Protocol Remote Code Execution Vulnerability

CVE-2023-21548

HIGH

CVSS:8.1(High)

Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability

CVE-2023-21546

HIGH

CVSS:8.1(High)

Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability

CVE-2023-21535

HIGH

CVSS:8.1(High)

Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability

CVE-2024-43563

HIGH

CVSS:7.8(High)

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

CVE-2024-21446

HIGH

CVSS:7.8(High)

NTFS Elevation of Privilege Vulnerability

CVE-2024-20686

HIGH

CVSS:7.8(High)

Win32k Elevation of Privilege Vulnerability

CVE-2023-35362

HIGH

CVSS:7.8(High)

Windows Clip Service Elevation of Privilege Vulnerability

CVE-2023-35340

HIGH

CVSS:7.8(High)

Windows CNG Key Isolation Service Elevation of Privilege Vulnerability

CVE-2023-28236

HIGH

CVSS:7.8(High)

Windows Kernel Elevation of Privilege Vulnerability

CVE-2023-24946

HIGH

CVSS:7.8(High)

Windows Backup Service Elevation of Privilege Vulnerability

CVE-2025-27484

HIGH

CVSS:7.5(High)

Sensitive data storage in improperly locked memory in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges over a network.

CVE-2025-26686

HIGH

CVSS:7.5(High)

Sensitive data storage in improperly locked memory in Windows TCP/IP allows an unauthorized attacker to execute code over a network.

CVE-2024-38263

HIGH

CVSS:7.5(High)

Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability