CVE-2025-25215 – Dell ControlVault3/Dell ControlVault3 Plus: Arbitrary Free Vulnerability

June 13, 2025

CVE ID : CVE-2025-25215

Published : June 13, 2025, 10:15 p.m. | 3 hours, 14 minutes ago

Description : An arbitrary free vulnerability exists in the cv_close functionality of
Dell ControlVault3 prior to 5.15.10.14 and Dell ControlVault3 Plus prior to 6.2.26.36. A specially crafted ControlVault API call
can lead to an arbitrary free. An attacker can forge a fake session to
trigger this vulnerability.

Severity: 8.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-33108 – IBM Backup, Recovery and Media Services for i Privilege Escalation

Next Article CVE-2025-24919 – Dell ControlVault3/ControlVault3 Plus Deserialization of Untrusted Input Remote Code Execution Vulnerability

CodeSOD: A Unique Way to Primary Key

BrowserStack launches Figma plugin for detecting accessibility issues in design phase

Parasoft brings agentic AI to service virtualization in latest release

Node.js vs. Python for Backend: 7 Reasons C-Level Leaders Choose Node.js Talent

The best CRM software with email marketing in 2025: Expert tested and reviewed

This multi-port car charger can power 4 gadgets at once – and it’s surprisingly cheap

I’m a wearables editor and here are the 7 Pixel Watch 4 rumors I’m most curious about

8 ways I quickly leveled up my Linux skills – and you can too

The Intersection of Agile and Accessibility – A Series on Designing for Everyone

The Intersection of Agile and Accessibility – A Series on Designing for Everyone

Zero Trust & Cybersecurity Mesh: Your Org’s Survival Guide

Execute Ping Commands and Get Back Structured Data in PHP

A Tomb Raider composer has been jailed — His legacy overshadowed by $75k+ in loan fraud

A Tomb Raider composer has been jailed — His legacy overshadowed by $75k+ in loan fraud

“I don’t think I changed his mind” — NVIDIA CEO comments on H20 AI GPU sales resuming in China following a meeting with President Trump

Galaxy Z Fold 7 review: Six years later — Samsung finally cracks the foldable code

CVE-2025-25215 – Dell ControlVault3/Dell ControlVault3 Plus: Arbitrary Free Vulnerability

CVE-2025-44658 – Netgear RAX30 PHP-FPM Misconfigured Extension Bypass Vulnerability

CVE-2025-7393 – Drupal Mail Login Authentication Bypass

CVE-2025-4282 – SourceCodester Oretnom23 Stock Management System CSRF Vulnerability

CVE-2025-7939 – A vulnerability was found in jerryshensjf JPACooki

How Remix is shaking things up

CVE-2025-3956 – Novel-Cloud SQL Injection Vulnerability

CVE-2025-52462 – Active! mail XSS

CVE-2025-2091 – M-Files Open Redirection Vulnerability

Hands on: Windows 11’s Notification Center finally has a clock with seconds

CVE-2025-24341 – CtrlX OS HTTP Request Flood Denial-of-Service Vulnerability

CVE-2025-25215 – Dell ControlVault3/Dell ControlVault3 Plus: Arbitrary Free Vulnerability

Related Posts