CVE-2025-25215
HIGHDescription
An arbitrary free vulnerability exists in the cv_close functionality of Dell ControlVault3 prior to 5.15.10.14 and Dell ControlVault3 Plus prior to 6.2.26.36. A specially crafted ControlVault API call can lead to an arbitrary free. An attacker can forge a fake session to trigger this vulnerability.
Is your site exposed to CVE-2025-25215?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
Weakness Type (CWE)
References
Frequently Asked Questions
What is CVE-2025-25215? +
How severe is CVE-2025-25215? +
How do I check if I'm vulnerable to CVE-2025-25215? +
Related Vulnerabilities
A security issue exists due to improper handling of malformed CIP packets during fuzzing. The controller enters a hard fault …
Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble was discovered to contain a segmentation violation via the component theta_star::ThetaStar::isUnsafeToPlan().
In the Linux kernel, the following vulnerability has been resolved: tipc: fix double-free in tipc_buf_append() tipc_msg_validate() can potentially reallocate the …
It was possible to prevent a user from exiting pointerlock when pressing escape and to overlay customValidity notifications from a …
Memory corruption while reading ACPI config through the user mode app.
When the application opens a PDF file and JavaScript writes annotation attributes, there is a lack of sufficient object type …