Lucene search
K

4 matches found

NVD
NVD
added 2025/06/13 10:15 p.m.10 views

CVE-2025-24919

A deserialization of untrusted input vulnerability exists in the cvhDecapsulateCmd functionality of Dell ControlVault3 prior to 5.15.10.14 and ControlVault3 Plus prior to 6.2.26.36. A specially crafted ControlVault response to a command can lead to arbitrary code execution. An attacker can...

8.1CVSS0.01797EPSS
Exploits0References2
CVE
CVE
added 2025/06/13 9:26 p.m.78 views

CVE-2025-25215

CVE-2025-25215 affects Dell ControlVault3 and ControlVault3 Plus; an arbitrary-free vulnerability resides in the cv_close path due to insufficient session validation. Talos’ analysis shows an attacker can forge a fake session on the CV firmware (for sessions allocated on the device heap) and trig...

8.8CVSS8.7AI score0.01768EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/06/13 8:42 p.m.47 views

CVE-2025-24311 Dell ControlVault3/ControlVault3 Plus cv_send_blockdata out-of-bounds read vulnerability

An out-of-bounds read vulnerability exists in the cvsendblockdata functionality of Dell ControlVault3 prior to 5.15.10.14 and Dell ControlVault3 Plus prior to 6.2.26.36. A specially crafted ControlVault API call can lead to an information leak. An attacker can issue an API call to trigger this...

8.4CVSS0.01302EPSS
Exploits0References1
CVE
CVE
added 2025/06/13 8:42 p.m.82 views

CVE-2025-24311

Affected software: Dell ControlVault3 and ControlVault3 Plus firmware and related Windows driver interactions (cvusbdrv.sys) with the CA/firmware stack. Vulnerability: An out-of-bounds read in cv_send_blockdata can be triggered by a crafted ControlVault API call, leading to information disclosure...

8.4CVSS8.1AI score0.01302EPSS
Exploits0References2
Rows per page
Query Builder