VDB

GCVE-110-NCSC-2024-470

GCVE-110-NCSC-2024-470
Advisory PublishedCVSS 8.1/10
Vulnetix · Advisory published December 10, 2024
Sensitive Data Storage in Improperly Locked Memory

Weaknesses (CWE)

CWE-591Sensitive Data Storage in Improperly Locked MemoryCWE-362Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')CWE-416Use After FreeCWE-122Heap-based Buffer OverflowCWE-400Uncontrolled Resource ConsumptionCWE-287Improper AuthenticationCWE-191Integer Underflow (Wrap or Wraparound)CWE-190Integer Overflow or WraparoundCWE-22Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')CWE-125Out-of-bounds ReadCWE-126Buffer Over-readCWE-822Untrusted Pointer DereferenceCWE-820Missing SynchronizationCWE-843Access of Resource Using Incompatible Type ('Type Confusion')CWE-453Insecure Default Variable InitializationCWE-393Return of Wrong Status CodeCWE-681Incorrect Conversion between Numeric TypesCWE-284Improper Access ControlCWE-20Improper Input ValidationCWE-59Improper Link Resolution Before File Access ('Link Following')CWE-476NULL Pointer Dereference

Risk Scores

CVSS 3.1
8.1/10
High · CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products

VendorProductVersionsPlatforms
microsoftwindows_server_2008_r2_service_pack_1__server_core_installation_
microsoftwindows_server_2008_sp2
microsoftwindows_server_2008_r2_service_pack_1
microsoftwindows_10_version_1507
microsoftwindows_11_22h2
microsoftwindows_server_2022__23h2_edition__server_core_installation_
microsoftwindows_server_2008__service_pack_2
microsoftwindows_server_2016__server_core_installation_
microsoftwindows_10_version_21h2
microsoftwindows_10_1809
microsoftwindows_11_23h2
microsoftwindows_server_23h2
microsoftwindows_11_version_23h2
microsoftwindows_server_2025__server_core_installation_
microsoftsystem_center_operations_manager__scom__2022
microsoftwindows
microsoftwindows_10_1507
microsoftsystem_center_operations_manager
microsoftwindows_11_24h2
microsoftwindows_server_2008_service_pack_2
microsoftwindows_server_2022
microsoftwindows_11_version_22h2
microsoftwindows_server_2025
microsoftwindows_server_2008_r2
microsoftsystem_center_operations_manager__scom__2019
microsoftwindows_server_2019
microsoftwindows_server_2019__server_core_installation_
microsoftwindows_server_2012
microsoftwindows_10_1607
microsoftwindows_10_21h2
microsoftwindows_10_22h2
microsoftwindows_server_2012_r2__server_core_installation_
microsoftwindows_server_2016
microsoftwindows_server_2012_r2
microsoftwindows_10_version_1809
microsoftwindows_server_2008_service_pack_2__server_core_installation_
microsoftwindows_10_version_22h2
microsoftwindows_11_version_22h3
microsoftwindows_server_2012__server_core_installation_
microsoftwindows_11_version_24h2
microsoftwindows_10_version_1607
microsoftsystem_center_operations_manager__scom__2025

References

advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory

Browse GCVE Records

73,443 records in the GCVE database · Updated July 18, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›