VEX records
Browse vendor VEX statements available in this Vulnerability-Lookup instance and pivot to the related vulnerability.
221683 VEX records
API response| Vulnerability | Source | Title | Product status | Imported | Links |
|---|---|---|---|---|---|
| CVE-2024-55549 | redhat_vex | libxslt: Use-After-Free in libxslt (xsltGetInheritedNsList) | fixed: 351 known affected: 4 known not affected: 2425 | 2026-07-11T22:02:22+00:00 | Vulnerability · Source |
| CVE-2025-61915 | redhat_vex | CUPS: Local denial-of-service via cupsd.conf update and related issues | fixed: 14 known affected: 15 known not affected: 262 | 2026-07-11T21:58:23+00:00 | Vulnerability · Source |
| CVE-2025-9817 | redhat_vex | Wireshark: NULL Pointer Dereference in Wireshark | fixed: 74 known affected: 4 known not affected: 12 | 2026-07-11T21:58:22+00:00 | Vulnerability · Source |
| CVE-2025-53906 | redhat_vex | vim: Vim path traversal | fixed: 422 known affected: 13 known not affected: 4 | 2026-07-11T21:58:09+00:00 | Vulnerability · Source |
| CVE-2025-54349 | redhat_vex | iperf3: iperf Heap Buffer Overflow | fixed: 190 known not affected: 3 | 2026-07-11T21:58:05+00:00 | Vulnerability · Source |
| CVE-2025-11561 | redhat_vex | sssd: SSSD default Kerberos configuration allows privilege escalation on AD-joined Linux systems | fixed: 4895 known affected: 31 known not affected: 24 | 2026-07-11T21:57:37+00:00 | Vulnerability · Source |
| CVE-2025-7493 | redhat_vex | FreeIPA: idm: Privilege escalation from host to domain admin in FreeIPA | fixed: 1318 known affected: 7 | 2026-07-11T21:52:19+00:00 | Vulnerability · Source |
| CVE-2025-53905 | redhat_vex | vim: Vim path traversial | fixed: 422 known affected: 13 known not affected: 4 | 2026-07-11T21:47:12+00:00 | Vulnerability · Source |
| CVE-2025-40779 | redhat_vex | kea: Kea crash upon interaction between specific client options and subnet selection | fixed: 90 | 2026-07-11T21:47:10+00:00 | Vulnerability · Source |
| CVE-2025-10921 | redhat_vex | gimp: GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability | fixed: 121 known affected: 6 known not affected: 5 | 2026-07-11T21:42:47+00:00 | Vulnerability · Source |
| CVE-2025-10922 | redhat_vex | gimp: GIMP DCM File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability | fixed: 591 known affected: 6 | 2026-07-11T21:42:44+00:00 | Vulnerability · Source |
| CVE-2025-10934 | redhat_vex | gimp: GIMP XWD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability | fixed: 591 known affected: 6 | 2026-07-11T21:42:40+00:00 | Vulnerability · Source |
| CVE-2025-11232 | redhat_vex | kea: Invalid characters cause assert | fixed: 90 | 2026-07-11T21:42:33+00:00 | Vulnerability · Source |
| CVE-2025-10925 | redhat_vex | gimp: GIMP ILBM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability | fixed: 121 known affected: 6 known not affected: 5 | 2026-07-11T21:42:30+00:00 | Vulnerability · Source |
| CVE-2025-10923 | redhat_vex | gimp: GIMP WBMP File Parsing Integer Overflow Remote Code Execution Vulnerability | fixed: 121 known affected: 6 known not affected: 5 | 2026-07-11T21:42:07+00:00 | Vulnerability · Source |
| CVE-2025-10924 | redhat_vex | gimp: GIMP FF File Parsing Integer Overflow Remote Code Execution Vulnerability | fixed: 121 known affected: 6 known not affected: 5 | 2026-07-11T21:41:55+00:00 | Vulnerability · Source |
| CVE-2025-10920 | redhat_vex | gimp: GIMP ICNS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability | fixed: 121 known affected: 6 known not affected: 5 | 2026-07-11T21:40:36+00:00 | Vulnerability · Source |
| CVE-2025-49844 | redhat_vex | Redis: Redis Lua Use-After-Free may lead to remote code execution | fixed: 298 known not affected: 261 | 2026-07-11T21:32:42+00:00 | Vulnerability · Source |
| CVE-2024-10573 | redhat_vex | mpg123: Buffer overflow when writing decoded PCM samples | fixed: 118 known affected: 4 | 2026-07-11T21:26:33+00:00 | Vulnerability · Source |
| CVE-2025-6176 | redhat_vex | Scrapy: python-scrapy: brotli: Python brotli decompression bomb DoS | fixed: 778 known affected: 3 known not affected: 236 | 2026-07-11T21:21:13+00:00 | Vulnerability · Source |
| CVE-2024-6174 | redhat_vex | cloud-init: Cloud init permissions flaw | fixed: 22 known affected: 2 | 2026-07-11T21:16:43+00:00 | Vulnerability · Source |
| CVE-2023-5574 | redhat_vex | xorg-x11-server: Use-after-free bug in DamageDestroy | fixed: 40 known affected: 38 known not affected: 26 | 2026-07-11T21:12:08+00:00 | Vulnerability · Source |
| CVE-2025-48866 | redhat_vex | mod_security: ModSecurity Denial of Service Vulnerability | fixed: 84 known affected: 6 | 2026-07-11T21:06:37+00:00 | Vulnerability · Source |
| CVE-2025-8176 | redhat_vex | libtiff: LibTIFF Use-After-Free Vulnerability | fixed: 239 known not affected: 50 | 2026-07-11T21:01:25+00:00 | Vulnerability · Source |
| CVE-2025-45582 | redhat_vex | tar: Tar path traversal | fixed: 62 known affected: 6 known not affected: 54 | 2026-07-11T21:01:25+00:00 | Vulnerability · Source |
| CVE-2025-43865 | redhat_vex | react-router: React Router allows pre-render data spoofing on React-Router framework mode | fixed: 4 known not affected: 76 | 2026-07-11T20:41:01+00:00 | Vulnerability · Source |
| CVE-2025-22150 | redhat_vex | undici: Undici Uses Insufficiently Random Values | fixed: 352 known affected: 3 known not affected: 107 | 2026-07-11T20:40:51+00:00 | Vulnerability · Source |
| CVE-2024-7557 | redhat_vex | odh-dashboard: odh-model-controller: Cross-Model Authentication Bypass in OpenShift AI | known affected: 4 | 2026-07-11T20:40:47+00:00 | Vulnerability · Source |
| CVE-2025-31137 | redhat_vex | react-router: Remix Host Header Spoofing Vulnerability | known affected: 1 known not affected: 83 | 2026-07-11T20:40:39+00:00 | Vulnerability · Source |
| CVE-2025-14025 | redhat_vex | ansible-automation-platform/aap-gateway: aap-gateway: Read-only Personal Access Token (PAT) bypasses write restrictions | fixed: 11 known not affected: 213 | 2026-07-11T20:35:04+00:00 | Vulnerability · Source |
| CVE-2025-26699 | redhat_vex | django: Potential denial-of-service vulnerability in django.utils.text.wrap() | fixed: 26 known affected: 7 known not affected: 458 | 2026-07-11T20:30:05+00:00 | Vulnerability · Source |
| CVE-2025-62727 | redhat_vex | starlette: Starlette DoS via Range header merging | fixed: 84 known affected: 18 known not affected: 423 | 2026-07-11T20:25:12+00:00 | Vulnerability · Source |
| CVE-2025-27610 | redhat_vex | rack: rubygem-rack: Local File Inclusion in Rack::Static | fixed: 121 known affected: 6 known not affected: 2033 | 2026-07-11T20:20:22+00:00 | Vulnerability · Source |
| CVE-2025-47287 | redhat_vex | tornado: Tornado Multipart Form-Data Denial of Service | fixed: 132 known affected: 3 known not affected: 6 | 2026-07-11T20:20:15+00:00 | Vulnerability · Source |
| CVE-2025-67725 | redhat_vex | tornado: Tornado Quadratic DoS via Repeated Header Coalescing | fixed: 134 known affected: 13 known not affected: 399 | 2026-07-11T20:10:21+00:00 | Vulnerability · Source |
| CVE-2025-67726 | redhat_vex | tornado: Tornado Quadratic DoS via Crafted Multipart Parameters | fixed: 134 known affected: 14 known not affected: 398 | 2026-07-11T20:10:19+00:00 | Vulnerability · Source |
| CVE-2025-46727 | redhat_vex | rubygem-rack: Unbounded-Parameter DoS in Rack::QueryParser | fixed: 155 known affected: 8 known not affected: 72 | 2026-07-11T20:05:05+00:00 | Vulnerability · Source |
| CVE-2025-59830 | redhat_vex | rubygem-rack: Rack QueryParser has an unsafe default allowing params_limit bypass via semicolon-separated parameters | fixed: 154 known affected: 18 known not affected: 355 | 2026-07-11T20:00:20+00:00 | Vulnerability · Source |
| CVE-2025-61770 | redhat_vex | rack: Rack's unbounded multipart preamble buffering enables DoS (memory exhaustion) | fixed: 152 known affected: 8 known not affected: 230 | 2026-07-11T20:00:09+00:00 | Vulnerability · Source |
| CVE-2025-61771 | redhat_vex | rack: Rack's multipart parser buffers large non‑file fields entirely in memory, enabling DoS (memory exhaustion) | fixed: 120 known affected: 16 known not affected: 222 | 2026-07-11T20:00:08+00:00 | Vulnerability · Source |
| CVE-2025-61919 | redhat_vex | rubygem-rack: Unbounded read in `Rack::Request` form parsing can lead to memory exhaustion | fixed: 168 known affected: 10 known not affected: 359 | 2026-07-11T20:00:07+00:00 | Vulnerability · Source |
| CVE-2025-61772 | redhat_vex | rack: Rack memory exhaustion denial of service | fixed: 138 known affected: 41 | 2026-07-11T20:00:06+00:00 | Vulnerability · Source |
| CVE-2025-23216 | redhat_vex | argocd: Argo CD does not scrub secret values from patch errors | fixed: 70 | 2026-07-11T19:00:04+00:00 | Vulnerability · Source |
| CVE-2024-13484 | redhat_vex | openshift-gitops-operator-container: Namespace Isolation Break | fixed: 74 known not affected: 29 | 2026-07-11T19:00:04+00:00 | Vulnerability · Source |
| CVE-2025-3415 | redhat_vex | grafana: Exposure of DingDing alerting integration URL to Viewer level users | known not affected: 21 | 2026-07-11T17:42:33+00:00 | Vulnerability · Source |
| CVE-2024-28956 | redhat_vex | microcode_ctl: From CVEorg collector | fixed: 947 known affected: 65 known not affected: 5 | 2026-07-11T17:42:12+00:00 | Vulnerability · Source |
| CVE-2025-47277 | redhat_vex | vllm: vLLM Allows Remote Code Execution via PyNcclPipe Communication Service | fixed: 15 known not affected: 1 | 2026-07-11T17:42:06+00:00 | Vulnerability · Source |
| CVE-2025-66516 | redhat_vex | tika-core: tika-parsers: tika-parser-pdf-module: Apache Tika core, Apache Tika parsers, Apache Tika PDF parser module: Update to CVE-2025-54988 to expand scope of artifacts affected | fixed: 9 known not affected: 65 | 2026-07-11T17:41:42+00:00 | Vulnerability · Source |
| CVE-2025-32462 | redhat_vex | sudo: LPE via host option | fixed: 271 known not affected: 4159 | 2026-07-11T17:41:41+00:00 | Vulnerability · Source |
| CVE-2025-1094 | redhat_vex | postgresql: PostgreSQL quoting APIs miss neutralizing quoting syntax in text that fails encoding validation | fixed: 3374 known affected: 11 known not affected: 19 | 2026-07-11T17:41:38+00:00 | Vulnerability · Source |