VEX records
Browse vendor VEX statements available in this Vulnerability-Lookup instance and pivot to the related vulnerability.
221679 VEX records
API response| Vulnerability | Source | Title | Product status | Imported | Links |
|---|---|---|---|---|---|
| CVE-2026-29009 | redhat_vex | u-boot: U-Boot: Memory corruption via NFS readlink buffer overflow | known not affected: 1 | 2026-07-13T13:35:48+00:00 | Vulnerability · Source |
| CVE-2026-29008 | redhat_vex | U-Boot: U-Boot: Integer underflow leads to Denial of Service | known not affected: 1 | 2026-07-13T13:35:41+00:00 | Vulnerability · Source |
| CVE-2024-45338 | redhat_vex | golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html | fixed: 2392 known affected: 157 known not affected: 16028 | 2026-07-13T13:27:24+00:00 | Vulnerability · Source |
| CVE-2026-59819 | redhat_vex | litellm: LiteLLM: Information disclosure via local file read in test connection endpoint | known not affected: 7 | 2026-07-13T13:26:19+00:00 | Vulnerability · Source |
| CVE-2026-23562 | redhat_vex | xen: Xen: VM administrator gains unauthorized host hardware access via PCI passthrough | known not affected: 1 | 2026-07-13T13:26:15+00:00 | Vulnerability · Source |
| CVE-2026-42486 | redhat_vex | xen: Xen: Arbitrary dom0 file write due to improper restriction of VM parameter | known not affected: 1 | 2026-07-13T13:21:16+00:00 | Vulnerability · Source |
| CVE-2026-23560 | redhat_vex | xen: Xen: VM-admin can hide virtual machines from management and operations | known not affected: 1 | 2026-07-13T13:21:01+00:00 | Vulnerability · Source |
| CVE-2026-60108 | redhat_vex | zeek: Zeek: Denial of Service via uncontrolled memory consumption in FTP analyzer | known not affected: 1 | 2026-07-13T13:20:44+00:00 | Vulnerability · Source |
| CVE-2026-60109 | redhat_vex | zeek: Zeek: Denial of Service via crafted Kerberos KRB_ERROR message | known not affected: 1 | 2026-07-13T13:20:38+00:00 | Vulnerability · Source |
| CVE-2026-46384 | redhat_vex | github.com/hamba/avro/v2: github.com/linkedin/goavro/v2: Integer Overflow in Avro Decoder | fixed: 4 known affected: 3 known not affected: 193 | 2026-07-13T13:16:26+00:00 | Vulnerability · Source |
| CVE-2026-46385 | redhat_vex | github.com/hamba/avro/v2: github.com/linkedin/goavro/v2: CPU Exhaustion in Avro Decoder via Unbounded Block-Count Iteration | fixed: 4 known affected: 3 known not affected: 193 | 2026-07-13T13:16:23+00:00 | Vulnerability · Source |
| CVE-2026-15584 | redhat_vex | RedHatInsights/incluster-checks: incluster-checks: Privileged host-chroot debug pods created in shared default namespace enable privilege escalation to node root | known affected: 1 | 2026-07-13T13:12:29+00:00 | Vulnerability · Source |
| CVE-2026-42561 | redhat_vex | python-multipart: python-multipart: Denial of Service via excessive multipart part headers | fixed: 2 known affected: 31 known not affected: 242 | 2026-07-13T13:11:41+00:00 | Vulnerability · Source |
| CVE-2026-55807 | redhat_vex | Drupal core: Drupal core: Server-Side Request Forgery vulnerability | known not affected: 1 | 2026-07-13T12:53:27+00:00 | Vulnerability · Source |
| CVE-2026-55808 | redhat_vex | drupal: Drupal core: Cross-site Scripting (XSS) via improper input neutralization | known not affected: 1 | 2026-07-13T12:47:54+00:00 | Vulnerability · Source |
| CVE-2026-40973 | redhat_vex | Spring Boot: Spring Boot: Arbitrary Code Execution and Session Hijacking via predictable temporary directory | fixed: 10 known affected: 2 known not affected: 68 | 2026-07-13T12:25:53+00:00 | Vulnerability · Source |
| CVE-2026-62147 | redhat_vex | tempo-operator: Tempo Operator: Query RBAC bypass | known affected: 2 | 2026-07-13T12:06:35+00:00 | Vulnerability · Source |
| CVE-2026-53538 | redhat_vex | python-multipart: Python-Multipart: Information disclosure due to parser differential in form data handling | known affected: 39 known not affected: 18 | 2026-07-13T11:56:42+00:00 | Vulnerability · Source |
| CVE-2026-41695 | redhat_vex | Spring Data Commons: Spring Data Commons: Denial of Service via crafted property path strings | known affected: 3 known not affected: 2 | 2026-07-13T11:51:12+00:00 | Vulnerability · Source |
| CVE-2026-41716 | redhat_vex | Spring Data Commons: Spring Data Commons: Denial of Service due to cache exhaustion via attacker-supplied strings | known affected: 3 known not affected: 2 | 2026-07-13T11:50:40+00:00 | Vulnerability · Source |
| CVE-2026-14613 | redhat_vex | keycloak-services: keycloak-services: Keycloak: FGAP v2 role groups endpoint discloses hidden group metadata without group view permission | known affected: 1 known not affected: 5 | 2026-07-13T11:46:27+00:00 | Vulnerability · Source |
| CVE-2026-14615 | redhat_vex | keycloak-services: keycloak: FGAP v2 parent group children endpoint bypasses per-child view permission filter | known affected: 1 | 2026-07-13T11:46:19+00:00 | Vulnerability · Source |
| CVE-2026-55223 | redhat_vex | c3p0: c3p0: Remote code execution via deserialization vulnerability | known affected: 5 known not affected: 7 | 2026-07-13T11:41:36+00:00 | Vulnerability · Source |
| CVE-2026-46584 | redhat_vex | org.apache.camel/camel-mail: Apache Camel Mail Component: Credential exposure and information disclosure via improper input validation of mail headers | known affected: 2 known not affected: 1 | 2026-07-13T11:21:44+00:00 | Vulnerability · Source |
| CVE-2026-46592 | redhat_vex | org.apache.camel/camel-cxf: Apache Camel CXF SOAP: Remote attacker can execute unintended operations via header manipulation | known affected: 2 known not affected: 1 | 2026-07-13T11:21:36+00:00 | Vulnerability · Source |
| CVE-2026-40859 | redhat_vex | org.apache.camel/camel-vertx-http: Apache Camel (camel-vertx-http): Remote Code Execution via Deserialization of Untrusted Data | known affected: 2 known not affected: 1 | 2026-07-13T11:21:21+00:00 | Vulnerability · Source |
| CVE-2026-15551 | redhat_vex | rlottie: rlottie: Buffer overflow due to integer overflow | known not affected: 1 | 2026-07-13T11:16:30+00:00 | Vulnerability · Source |
| CVE-2026-50263 | redhat_vex | xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free information disclosure in CreateSaverWindow() | fixed: 779 known affected: 22 | 2026-07-13T11:04:49+00:00 | Vulnerability · Source |
| CVE-2026-50262 | redhat_vex | xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: out-of-bounds read/write in GLX ChangeDrawableAttributes | fixed: 779 known affected: 22 | 2026-07-13T11:04:48+00:00 | Vulnerability · Source |
| CVE-2026-56000 | redhat_vex | X.org: xorg-x11-server: GLX contextTags Use-After-Free in CommonMakeCurrent() | fixed: 54 known affected: 39 | 2026-07-13T10:55:58+00:00 | Vulnerability · Source |
| CVE-2026-55999 | redhat_vex | xorg: X11: xserver: X.org: glamor Font Atlas Heap Buffer Overflow | fixed: 255 known affected: 19 | 2026-07-13T10:55:42+00:00 | Vulnerability · Source |
| CVE-2026-58379 | redhat_vex | gimp: gimp: Heap buffer overflow in read_channel_data() | fixed: 24 known not affected: 29 | 2026-07-13T10:55:38+00:00 | Vulnerability · Source |
| CVE-2026-2050 | redhat_vex | gimp: GIMP: Arbitrary code execution via heap-based buffer overflow in HDR file parsing | fixed: 57 known affected: 11 | 2026-07-13T10:55:33+00:00 | Vulnerability · Source |
| CVE-2026-45700 | redhat_vex | freerdp: FreeRDP: Out-of-bounds write in planar bitmap decoder allows arbitrary code execution | fixed: 195 known affected: 12 | 2026-07-13T10:55:17+00:00 | Vulnerability · Source |
| CVE-2026-50260 | redhat_vex | xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free in FreeCounter() | fixed: 779 known affected: 22 | 2026-07-13T10:55:03+00:00 | Vulnerability · Source |
| CVE-2026-50259 | redhat_vex | xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: stack buffer overflow in XKB SetMap request via mapWidths indexing | fixed: 779 known affected: 22 | 2026-07-13T10:54:58+00:00 | Vulnerability · Source |
| CVE-2026-50258 | redhat_vex | xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: stack buffer overflow in XKB key types due to unchecked shift levels | fixed: 779 known affected: 22 | 2026-07-13T10:54:45+00:00 | Vulnerability · Source |
| CVE-2026-50257 | redhat_vex | xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free in miSyncDestroyFence() | fixed: 779 known affected: 22 | 2026-07-13T10:54:39+00:00 | Vulnerability · Source |
| CVE-2026-50256 | redhat_vex | xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: stack buffer overflow in font alias resolution due to libXfont2 name length mismatch | fixed: 779 known affected: 22 | 2026-07-13T10:54:23+00:00 | Vulnerability · Source |
| CVE-2026-50264 | redhat_vex | xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: out-of-bounds heap write in DRI2 DRIGetBuffers/DRIGetBuffersWithFormat | fixed: 779 known affected: 22 | 2026-07-13T10:54:17+00:00 | Vulnerability · Source |
| CVE-2026-50261 | redhat_vex | xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free in SyncChangeCounter() | fixed: 779 known affected: 22 | 2026-07-13T10:54:03+00:00 | Vulnerability · Source |
| CVE-2026-23745 | redhat_vex | node-tar: tar: node-tar: Arbitrary file overwrite and symlink poisoning via unsanitized linkpaths in archives | fixed: 52 known affected: 25 known not affected: 654 | 2026-07-13T09:41:15+00:00 | Vulnerability · Source |
| CVE-2026-43163 | redhat_vex | kernel: md/bitmap: fix GPF in write_page caused by resize race | fixed: 2069 known affected: 33 known not affected: 14 | 2026-07-13T09:11:17+00:00 | Vulnerability · Source |
| CVE-2026-15574 | redhat_vex | vllm-orchestrator-gateway: vllm-orchestrator-gateway: Authorization header and full chat payloads logged at hard-coded DEBUG default | under investigation: 1 | 2026-07-13T09:05:52+00:00 | Vulnerability · Source |
| CVE-2026-57231 | redhat_vex | podman: Podman: Information disclosure via malicious container image environment variables | fixed: 349 known affected: 28 known not affected: 9 | 2026-07-13T08:57:07+00:00 | Vulnerability · Source |
| CVE-2026-5497 | redhat_vex | vllm: vLLM: Denial of Service via unbounded video frame processing | known affected: 24 known not affected: 4 | 2026-07-13T08:11:13+00:00 | Vulnerability · Source |
| CVE-2026-58467 | redhat_vex | cockpit: Cockpit CMS: Arbitrary file read and code execution via path traversal | known affected: 32 | 2026-07-13T07:20:57+00:00 | Vulnerability · Source |
| CVE-2023-54365 | redhat_vex | github.com/traefik/traefik: net/http2: Traefik: Denial of Service via HTTP/2 Rapid Reset technique | known not affected: 3 | 2026-07-13T07:15:40+00:00 | Vulnerability · Source |
| CVE-2026-58253 | redhat_vex | github.com/nats-io/nats-server: NATS Server: Authentication bypass and privilege escalation via parser fast path | known not affected: 2 | 2026-07-13T07:11:35+00:00 | Vulnerability · Source |
| CVE-2026-58208 | redhat_vex | github.com/nats-io/nats-server: NATS Server: Denial of Service due to incorrect MQTT-over-WebSocket request routing | known not affected: 2 | 2026-07-13T07:06:26+00:00 | Vulnerability · Source |