VEX records
Browse vendor VEX statements available in this Vulnerability-Lookup instance and pivot to the related vulnerability.
221755 VEX records
API response| Vulnerability | Source | Title | Product status | Imported | Links |
|---|---|---|---|---|---|
| CVE-2026-46295 | redhat_vex | kernel: KVM: x86: Do IRR scan in __kvm_apic_update_irr even if PIR is empty | known affected: 90 known not affected: 184 | 2026-07-08T19:28:50+00:00 | Vulnerability · Source |
| CVE-2026-46294 | redhat_vex | kernel: dm: fix a buffer overflow in ioctl processing | known affected: 274 | 2026-07-08T19:28:49+00:00 | Vulnerability · Source |
| CVE-2024-50125 | redhat_vex | kernel: Bluetooth: SCO: Fix UAF on sco_sock_timeout | fixed: 513 known affected: 112 | 2026-07-08T19:26:52+00:00 | Vulnerability · Source |
| CVE-2026-40253 | redhat_vex | openCryptoki: openCryptoki: Information disclosure and Denial of Service via malformed BER-encoded cryptographic objects | fixed: 473 known affected: 12 known not affected: 16 | 2026-07-08T19:26:41+00:00 | Vulnerability · Source |
| CVE-2026-35406 | redhat_vex | aardvark-dns: Aardvark-dns: Denial of Service via truncated TCP DNS query and connection reset | fixed: 26 known affected: 2 known not affected: 4 | 2026-07-08T19:26:21+00:00 | Vulnerability · Source |
| CVE-2026-40983 | redhat_vex | micrometer: micrometer-core: Micrometer: Denial of Service via specially crafted gRPC requests | fixed: 1 known affected: 15 known not affected: 4 under investigation: 9 | 2026-07-08T18:52:09+00:00 | Vulnerability · Source |
| CVE-2026-43125 | redhat_vex | kernel: dlm: validate length in dlm_search_rsb_tree | fixed: 1407 known affected: 33 known not affected: 76 under investigation: 14 | 2026-07-08T18:47:23+00:00 | Vulnerability · Source |
| CVE-2026-50559 | redhat_vex | io.quarkus/quarkus-vertx-http: Quarkus: Authorization bypass in HTTP path-based policies via encoded characters | fixed: 9 known affected: 17 known not affected: 66 | 2026-07-08T17:16:31+00:00 | Vulnerability · Source |
| CVE-2026-44774 | redhat_vex | traefik: Traefik: Privilege escalation via Kubernetes Gateway API provider configuration bypass | fixed: 4 known not affected: 63 | 2026-07-08T17:16:06+00:00 | Vulnerability · Source |
| CVE-2026-12856 | redhat_vex | vscode-java: vscode: Command Injection vulnerability in the JavaDoc hover provider of the vscode-java extension | fixed: 4 known not affected: 61 | 2026-07-08T17:15:04+00:00 | Vulnerability · Source |
| CVE-2026-53251 | redhat_vex | kernel: Bluetooth: ISO: Fix not releasing hdev reference on iso_conn_big_sync | known affected: 184 known not affected: 90 | 2026-07-08T17:05:08+00:00 | Vulnerability · Source |
| CVE-2026-53360 | redhat_vex | kernel: KVM: SEV: Require in-GHCB scratch area if GHCB v2+ is in use | known affected: 184 known not affected: 90 | 2026-07-08T16:59:46+00:00 | Vulnerability · Source |
| CVE-2026-53258 | redhat_vex | kernel: wifi: fix leak if split 6 GHz scanning fails | known affected: 246 known not affected: 28 | 2026-07-08T16:55:13+00:00 | Vulnerability · Source |
| CVE-2026-53252 | redhat_vex | kernel: Bluetooth: fix memory leak in error path of hci_alloc_dev() | known affected: 198 known not affected: 76 | 2026-07-08T16:55:12+00:00 | Vulnerability · Source |
| CVE-2026-53255 | redhat_vex | kernel: Bluetooth: MGMT: validate advertising TLV before type checks | known affected: 260 known not affected: 14 | 2026-07-08T16:55:06+00:00 | Vulnerability · Source |
| CVE-2026-53257 | redhat_vex | kernel: wifi: cfg80211: enforce HE/EHT cap/oper consistency | known affected: 198 known not affected: 76 | 2026-07-08T16:55:01+00:00 | Vulnerability · Source |
| CVE-2026-46329 | redhat_vex | kernel: erofs: handle end of filesystem properly for file-backed mounts | known affected: 76 known not affected: 198 | 2026-07-08T16:25:36+00:00 | Vulnerability · Source |
| CVE-2026-15063 | redhat_vex | trustyai-service-operator: TrustyAI Service Operator: Gorch port bypass when auth IS enabled | known affected: 1 | 2026-07-08T16:10:45+00:00 | Vulnerability · Source |
| CVE-2026-52925 | redhat_vex | kernel: vrf: Fix a potential NPD when removing a port from a VRF | known affected: 232 known not affected: 42 | 2026-07-08T15:35:21+00:00 | Vulnerability · Source |
| CVE-2026-52928 | redhat_vex | kernel: af_unix: Reject SIOCATMARK on non-stream sockets | known affected: 90 known not affected: 184 | 2026-07-08T15:35:21+00:00 | Vulnerability · Source |
| CVE-2026-5757 | redhat_vex | Ollama: Ollama: Information disclosure vulnerability in model quantization engine | known not affected: 7 | 2026-07-08T15:35:19+00:00 | Vulnerability · Source |
| CVE-2026-52930 | redhat_vex | kernel: ipc/shm: serialize orphan cleanup with shm_nattch updates | known affected: 274 | 2026-07-08T15:35:10+00:00 | Vulnerability · Source |
| CVE-2026-44405 | redhat_vex | paramiko: Paramiko: Data integrity could be compromised due to SHA-1 algorithm use | known affected: 46 known not affected: 1 under investigation: 10 | 2026-07-08T15:30:20+00:00 | Vulnerability · Source |
| CVE-2025-61984 | redhat_vex | openssh: OpenSSH: Control characters in usernames can lead to code execution via ProxyCommand | fixed: 734 known affected: 18 known not affected: 40 | 2026-07-08T15:25:48+00:00 | Vulnerability · Source |
| CVE-2025-59303 | redhat_vex | haproxy: HAProxy Kubernetes Ingress Controller: Secret Leak via Config Snippets | known affected: 10 known not affected: 7 | 2026-07-08T15:25:32+00:00 | Vulnerability · Source |
| CVE-2025-61985 | redhat_vex | openssh: OpenSSH: Null character in ssh:// URI can lead to code execution via ProxyCommand | fixed: 734 known affected: 18 known not affected: 40 | 2026-07-08T15:25:21+00:00 | Vulnerability · Source |
| CVE-2026-47204 | redhat_vex | envoy: Envoy: Denial of Service via Connect protocol request | known affected: 2 | 2026-07-08T15:21:08+00:00 | Vulnerability · Source |
| CVE-2025-11081 | redhat_vex | binutils: GNU Binutils out-of-bounds read | fixed: 3 known affected: 74 known not affected: 5 | 2026-07-08T15:21:06+00:00 | Vulnerability · Source |
| CVE-2026-48706 | redhat_vex | envoy: Envoy Heap Buffer Overflow in TcpStatsdSink | known affected: 2 | 2026-07-08T15:20:58+00:00 | Vulnerability · Source |
| CVE-2026-46283 | redhat_vex | kernel: tpm: Use kfree_sensitive() to free auth session in tpm_dev_release() | known affected: 90 known not affected: 184 | 2026-07-08T15:20:56+00:00 | Vulnerability · Source |
| CVE-2026-47221 | redhat_vex | envoy: Envoy: Null pointer deref in internal redirects | known affected: 2 | 2026-07-08T15:20:52+00:00 | Vulnerability · Source |
| CVE-2026-48044 | redhat_vex | Envoy: Envoy: Denial of Service via specially crafted zstd payload | known affected: 2 | 2026-07-08T15:20:50+00:00 | Vulnerability · Source |
| CVE-2026-12481 | redhat_vex | keras: Keras: Arbitrary code execution via deserialization vulnerability | known affected: 6 known not affected: 3 | 2026-07-08T15:20:49+00:00 | Vulnerability · Source |
| CVE-2026-48743 | redhat_vex | envoy: Envoy: Request desynchronization allows security policy bypass via HTTP/3 to HTTP/1 translation | known affected: 2 | 2026-07-08T15:19:54+00:00 | Vulnerability · Source |
| CVE-2026-48042 | redhat_vex | envoy: Envoy: Denial of Service via deeply nested JSON objects | known affected: 2 | 2026-07-08T15:19:47+00:00 | Vulnerability · Source |
| CVE-2025-59375 | redhat_vex | firefox: thunderbird: expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing | fixed: 509 known affected: 13 known not affected: 301 | 2026-07-08T15:15:16+00:00 | Vulnerability · Source |
| CVE-2026-14739 | redhat_vex | DBI: DBI: Heap overflow when preparsing SQL statements with excessive placeholders | known affected: 6 | 2026-07-08T15:15:11+00:00 | Vulnerability · Source |
| CVE-2026-46279 | redhat_vex | kernel: mm/alloc_tag: clear codetag for pages allocated before page_ext initialization | known affected: 90 known not affected: 184 | 2026-07-08T15:09:05+00:00 | Vulnerability · Source |
| CVE-2026-46313 | redhat_vex | kernel: media: intel/ipu6: fix error pointer dereference | known affected: 76 known not affected: 198 | 2026-07-08T15:09:02+00:00 | Vulnerability · Source |
| CVE-2025-53859 | redhat_vex | nginx: NGINX ngx_mail_smtp_module vulnerability | fixed: 4 known affected: 76 | 2026-07-08T15:09:00+00:00 | Vulnerability · Source |
| CVE-2026-46302 | redhat_vex | kernel: selinux: allow multiple opens of /sys/fs/selinux/policy | known affected: 274 | 2026-07-08T15:08:57+00:00 | Vulnerability · Source |
| CVE-2026-46298 | redhat_vex | kernel: pseries/papr-hvpipe: Fix race with interrupt handler | known affected: 184 known not affected: 90 | 2026-07-08T15:08:56+00:00 | Vulnerability · Source |
| CVE-2025-11412 | redhat_vex | binutils: GNU Binutils Linker elflink.c bfd_elf_gc_record_vtentry out-of-bounds | fixed: 3 known affected: 77 | 2026-07-08T15:08:55+00:00 | Vulnerability · Source |
| CVE-2025-71315 | redhat_vex | kernel: drm/vkms: Convert to DRM's vblank timer | known affected: 232 known not affected: 42 | 2026-07-08T15:08:52+00:00 | Vulnerability · Source |
| CVE-2025-11413 | redhat_vex | binutils: GNU Binutils Linker elflink.c elf_link_add_object_symbols out-of-bounds | fixed: 3 known affected: 77 | 2026-07-08T15:08:48+00:00 | Vulnerability · Source |
| CVE-2026-40228 | redhat_vex | systemd: systemd-journald: Unintended output to user terminals via logger command | fixed: 4 known not affected: 131 | 2026-07-08T15:08:47+00:00 | Vulnerability · Source |
| CVE-2025-11840 | redhat_vex | binutils: GNU Binutils out-of-bounds read | fixed: 3 known affected: 77 | 2026-07-08T15:08:44+00:00 | Vulnerability · Source |
| CVE-2025-11414 | redhat_vex | binutils: GNU Binutils Linker elflink.c get_link_hash_entry out-of-bounds | fixed: 3 known affected: 77 | 2026-07-08T15:08:43+00:00 | Vulnerability · Source |
| CVE-2025-11495 | redhat_vex | binutils: GNU Binutils Linker heap-based overflow | fixed: 3 known affected: 77 | 2026-07-08T15:08:40+00:00 | Vulnerability · Source |
| CVE-2025-11839 | redhat_vex | binutils: GNU Binutils prdbg.c tg_tag_type return value | fixed: 3 known affected: 77 | 2026-07-08T15:08:38+00:00 | Vulnerability · Source |