VEX records

Browse vendor VEX statements available in this Vulnerability-Lookup instance and pivot to the related vulnerability.

Reset

221755 VEX records

API response
Vulnerability Source Title Product status Imported Links
CVE-2026-46295 redhat_vex kernel: KVM: x86: Do IRR scan in __kvm_apic_update_irr even if PIR is empty known affected: 90 known not affected: 184 2026-07-08T19:28:50+00:00 Vulnerability · Source
CVE-2026-46294 redhat_vex kernel: dm: fix a buffer overflow in ioctl processing known affected: 274 2026-07-08T19:28:49+00:00 Vulnerability · Source
CVE-2024-50125 redhat_vex kernel: Bluetooth: SCO: Fix UAF on sco_sock_timeout fixed: 513 known affected: 112 2026-07-08T19:26:52+00:00 Vulnerability · Source
CVE-2026-40253 redhat_vex openCryptoki: openCryptoki: Information disclosure and Denial of Service via malformed BER-encoded cryptographic objects fixed: 473 known affected: 12 known not affected: 16 2026-07-08T19:26:41+00:00 Vulnerability · Source
CVE-2026-35406 redhat_vex aardvark-dns: Aardvark-dns: Denial of Service via truncated TCP DNS query and connection reset fixed: 26 known affected: 2 known not affected: 4 2026-07-08T19:26:21+00:00 Vulnerability · Source
CVE-2026-40983 redhat_vex micrometer: micrometer-core: Micrometer: Denial of Service via specially crafted gRPC requests fixed: 1 known affected: 15 known not affected: 4 under investigation: 9 2026-07-08T18:52:09+00:00 Vulnerability · Source
CVE-2026-43125 redhat_vex kernel: dlm: validate length in dlm_search_rsb_tree fixed: 1407 known affected: 33 known not affected: 76 under investigation: 14 2026-07-08T18:47:23+00:00 Vulnerability · Source
CVE-2026-50559 redhat_vex io.quarkus/quarkus-vertx-http: Quarkus: Authorization bypass in HTTP path-based policies via encoded characters fixed: 9 known affected: 17 known not affected: 66 2026-07-08T17:16:31+00:00 Vulnerability · Source
CVE-2026-44774 redhat_vex traefik: Traefik: Privilege escalation via Kubernetes Gateway API provider configuration bypass fixed: 4 known not affected: 63 2026-07-08T17:16:06+00:00 Vulnerability · Source
CVE-2026-12856 redhat_vex vscode-java: vscode: Command Injection vulnerability in the JavaDoc hover provider of the vscode-java extension fixed: 4 known not affected: 61 2026-07-08T17:15:04+00:00 Vulnerability · Source
CVE-2026-53251 redhat_vex kernel: Bluetooth: ISO: Fix not releasing hdev reference on iso_conn_big_sync known affected: 184 known not affected: 90 2026-07-08T17:05:08+00:00 Vulnerability · Source
CVE-2026-53360 redhat_vex kernel: KVM: SEV: Require in-GHCB scratch area if GHCB v2+ is in use known affected: 184 known not affected: 90 2026-07-08T16:59:46+00:00 Vulnerability · Source
CVE-2026-53258 redhat_vex kernel: wifi: fix leak if split 6 GHz scanning fails known affected: 246 known not affected: 28 2026-07-08T16:55:13+00:00 Vulnerability · Source
CVE-2026-53252 redhat_vex kernel: Bluetooth: fix memory leak in error path of hci_alloc_dev() known affected: 198 known not affected: 76 2026-07-08T16:55:12+00:00 Vulnerability · Source
CVE-2026-53255 redhat_vex kernel: Bluetooth: MGMT: validate advertising TLV before type checks known affected: 260 known not affected: 14 2026-07-08T16:55:06+00:00 Vulnerability · Source
CVE-2026-53257 redhat_vex kernel: wifi: cfg80211: enforce HE/EHT cap/oper consistency known affected: 198 known not affected: 76 2026-07-08T16:55:01+00:00 Vulnerability · Source
CVE-2026-46329 redhat_vex kernel: erofs: handle end of filesystem properly for file-backed mounts known affected: 76 known not affected: 198 2026-07-08T16:25:36+00:00 Vulnerability · Source
CVE-2026-15063 redhat_vex trustyai-service-operator: TrustyAI Service Operator: Gorch port bypass when auth IS enabled known affected: 1 2026-07-08T16:10:45+00:00 Vulnerability · Source
CVE-2026-52925 redhat_vex kernel: vrf: Fix a potential NPD when removing a port from a VRF known affected: 232 known not affected: 42 2026-07-08T15:35:21+00:00 Vulnerability · Source
CVE-2026-52928 redhat_vex kernel: af_unix: Reject SIOCATMARK on non-stream sockets known affected: 90 known not affected: 184 2026-07-08T15:35:21+00:00 Vulnerability · Source
CVE-2026-5757 redhat_vex Ollama: Ollama: Information disclosure vulnerability in model quantization engine known not affected: 7 2026-07-08T15:35:19+00:00 Vulnerability · Source
CVE-2026-52930 redhat_vex kernel: ipc/shm: serialize orphan cleanup with shm_nattch updates known affected: 274 2026-07-08T15:35:10+00:00 Vulnerability · Source
CVE-2026-44405 redhat_vex paramiko: Paramiko: Data integrity could be compromised due to SHA-1 algorithm use known affected: 46 known not affected: 1 under investigation: 10 2026-07-08T15:30:20+00:00 Vulnerability · Source
CVE-2025-61984 redhat_vex openssh: OpenSSH: Control characters in usernames can lead to code execution via ProxyCommand fixed: 734 known affected: 18 known not affected: 40 2026-07-08T15:25:48+00:00 Vulnerability · Source
CVE-2025-59303 redhat_vex haproxy: HAProxy Kubernetes Ingress Controller: Secret Leak via Config Snippets known affected: 10 known not affected: 7 2026-07-08T15:25:32+00:00 Vulnerability · Source
CVE-2025-61985 redhat_vex openssh: OpenSSH: Null character in ssh:// URI can lead to code execution via ProxyCommand fixed: 734 known affected: 18 known not affected: 40 2026-07-08T15:25:21+00:00 Vulnerability · Source
CVE-2026-47204 redhat_vex envoy: Envoy: Denial of Service via Connect protocol request known affected: 2 2026-07-08T15:21:08+00:00 Vulnerability · Source
CVE-2025-11081 redhat_vex binutils: GNU Binutils out-of-bounds read fixed: 3 known affected: 74 known not affected: 5 2026-07-08T15:21:06+00:00 Vulnerability · Source
CVE-2026-48706 redhat_vex envoy: Envoy Heap Buffer Overflow in TcpStatsdSink known affected: 2 2026-07-08T15:20:58+00:00 Vulnerability · Source
CVE-2026-46283 redhat_vex kernel: tpm: Use kfree_sensitive() to free auth session in tpm_dev_release() known affected: 90 known not affected: 184 2026-07-08T15:20:56+00:00 Vulnerability · Source
CVE-2026-47221 redhat_vex envoy: Envoy: Null pointer deref in internal redirects known affected: 2 2026-07-08T15:20:52+00:00 Vulnerability · Source
CVE-2026-48044 redhat_vex Envoy: Envoy: Denial of Service via specially crafted zstd payload known affected: 2 2026-07-08T15:20:50+00:00 Vulnerability · Source
CVE-2026-12481 redhat_vex keras: Keras: Arbitrary code execution via deserialization vulnerability known affected: 6 known not affected: 3 2026-07-08T15:20:49+00:00 Vulnerability · Source
CVE-2026-48743 redhat_vex envoy: Envoy: Request desynchronization allows security policy bypass via HTTP/3 to HTTP/1 translation known affected: 2 2026-07-08T15:19:54+00:00 Vulnerability · Source
CVE-2026-48042 redhat_vex envoy: Envoy: Denial of Service via deeply nested JSON objects known affected: 2 2026-07-08T15:19:47+00:00 Vulnerability · Source
CVE-2025-59375 redhat_vex firefox: thunderbird: expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing fixed: 509 known affected: 13 known not affected: 301 2026-07-08T15:15:16+00:00 Vulnerability · Source
CVE-2026-14739 redhat_vex DBI: DBI: Heap overflow when preparsing SQL statements with excessive placeholders known affected: 6 2026-07-08T15:15:11+00:00 Vulnerability · Source
CVE-2026-46279 redhat_vex kernel: mm/alloc_tag: clear codetag for pages allocated before page_ext initialization known affected: 90 known not affected: 184 2026-07-08T15:09:05+00:00 Vulnerability · Source
CVE-2026-46313 redhat_vex kernel: media: intel/ipu6: fix error pointer dereference known affected: 76 known not affected: 198 2026-07-08T15:09:02+00:00 Vulnerability · Source
CVE-2025-53859 redhat_vex nginx: NGINX ngx_mail_smtp_module vulnerability fixed: 4 known affected: 76 2026-07-08T15:09:00+00:00 Vulnerability · Source
CVE-2026-46302 redhat_vex kernel: selinux: allow multiple opens of /sys/fs/selinux/policy known affected: 274 2026-07-08T15:08:57+00:00 Vulnerability · Source
CVE-2026-46298 redhat_vex kernel: pseries/papr-hvpipe: Fix race with interrupt handler known affected: 184 known not affected: 90 2026-07-08T15:08:56+00:00 Vulnerability · Source
CVE-2025-11412 redhat_vex binutils: GNU Binutils Linker elflink.c bfd_elf_gc_record_vtentry out-of-bounds fixed: 3 known affected: 77 2026-07-08T15:08:55+00:00 Vulnerability · Source
CVE-2025-71315 redhat_vex kernel: drm/vkms: Convert to DRM's vblank timer known affected: 232 known not affected: 42 2026-07-08T15:08:52+00:00 Vulnerability · Source
CVE-2025-11413 redhat_vex binutils: GNU Binutils Linker elflink.c elf_link_add_object_symbols out-of-bounds fixed: 3 known affected: 77 2026-07-08T15:08:48+00:00 Vulnerability · Source
CVE-2026-40228 redhat_vex systemd: systemd-journald: Unintended output to user terminals via logger command fixed: 4 known not affected: 131 2026-07-08T15:08:47+00:00 Vulnerability · Source
CVE-2025-11840 redhat_vex binutils: GNU Binutils out-of-bounds read fixed: 3 known affected: 77 2026-07-08T15:08:44+00:00 Vulnerability · Source
CVE-2025-11414 redhat_vex binutils: GNU Binutils Linker elflink.c get_link_hash_entry out-of-bounds fixed: 3 known affected: 77 2026-07-08T15:08:43+00:00 Vulnerability · Source
CVE-2025-11495 redhat_vex binutils: GNU Binutils Linker heap-based overflow fixed: 3 known affected: 77 2026-07-08T15:08:40+00:00 Vulnerability · Source
CVE-2025-11839 redhat_vex binutils: GNU Binutils prdbg.c tg_tag_type return value fixed: 3 known affected: 77 2026-07-08T15:08:38+00:00 Vulnerability · Source