9 matches found
CVE-2025-31649
A hard-coded password vulnerability exists in the ControlVault WBDI Driver functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted ControlVault API call can lead to execute priviledged operation. An attacker can issue an api call...
PT-2025-47213
Name of the Vulnerable Software and Affected Versions Dell ControlVault3 versions prior to 5.15.14.19 Dell ControlVault3 Plus versions prior to 6.2.36.47 Description A buffer overflow exists in the CvManager SBI functionality. A specially crafted ControlVault API call can lead to arbitrary code...
CVE-2025-25215
An arbitrary free vulnerability exists in the cvclose functionality of Dell ControlVault3 prior to 5.15.10.14 and Dell ControlVault3 Plus prior to 6.2.26.36. A specially crafted ControlVault API call can lead to an arbitrary free. An attacker can forge a fake session to trigger this vulnerability...
CVE-2025-25050
An out-of-bounds write vulnerability exists in the cvupgradesensorfirmware functionality of Dell ControlVault3 prior to 5.15.10.14 and Dell ControlVault 3 Plus prior to 6.2.26.36. A specially crafted ControlVault API call can lead to an out-of-bounds write. An attacker can issue an API call to...
CVE-2025-25215
An arbitrary free vulnerability exists in the cvclose functionality of Dell ControlVault3 prior to 5.15.10.14 and Dell ControlVault3 Plus prior to 6.2.26.36. A specially crafted ControlVault API call can lead to an arbitrary free. An attacker can forge a fake session to trigger this vulnerability...
CVE-2025-25215 Dell ControlVault3/ControlVault3 Plus cv_close arbitrary free vulnerability
An arbitrary free vulnerability exists in the cvclose functionality of Dell ControlVault3 prior to 5.15.10.14 and Dell ControlVault3 Plus prior to 6.2.26.36. A specially crafted ControlVault API call can lead to an arbitrary free. An attacker can forge a fake session to trigger this vulnerability...
CVE-2025-25215 Dell ControlVault3/ControlVault3 Plus cv_close arbitrary free vulnerability
An arbitrary free vulnerability exists in the cvclose functionality of Dell ControlVault3 prior to 5.15.10.14 and Dell ControlVault3 Plus prior to 6.2.26.36. A specially crafted ControlVault API call can lead to an arbitrary free. An attacker can forge a fake session to trigger this vulnerability...
CVE-2025-25050 Dell ControlVault3/ControlVault3 Plus cv_upgrade_sensor_firmware out-of-bounds write vulnerability
An out-of-bounds write vulnerability exists in the cvupgradesensorfirmware functionality of Dell ControlVault3 prior to 5.15.10.14 and Dell ControlVault 3 Plus prior to 6.2.26.36. A specially crafted ControlVault API call can lead to an out-of-bounds write. An attacker can issue an API call to...
PT-2025-25450 · Dell · Dell Controlvault3 +1
Name of the Vulnerable Software and Affected Versions: Dell ControlVault3 versions prior to 5.15.10.14 Dell ControlVault3 Plus versions prior to 6.2.26.36 Description: An arbitrary free vulnerability exists in the cv close functionality of Dell ControlVault3 and Dell ControlVault3 Plus. A special...