VEX records

Browse vendor VEX statements available in this Vulnerability-Lookup instance and pivot to the related vulnerability.

Reset

221647 VEX records

API response
Vulnerability Source Title Product status Imported Links
CVE-2026-56289 microsoft_vex Loop with Unreachable Exit Condition in GNU patch fixed: 1 known affected: 2 2026-07-15T01:40:12+00:00 Vulnerability · Source
CVE-2026-43966 microsoft_vex HTTP Response Splitting via Non-VCHAR Bytes in cow_http_struct_hd:escape_string/2 fixed: 1 known affected: 2 2026-07-15T01:39:37+00:00 Vulnerability · Source
CVE-2026-44839 microsoft_vex RabbitMQ: Unsanitized vhost names allow for XSS in management UI fixed: 1 known affected: 3 2026-07-15T01:39:24+00:00 Vulnerability · Source
CVE-2025-44904 microsoft_vex hdf5 v1.14.6 was discovered to contain a heap buffer overflow via the H5VM_memcpyvv function. fixed: 1 known affected: 4 2026-07-15T01:39:09+00:00 Vulnerability · Source
CVE-2026-52969 redhat_vex kernel: KVM: Reject wrapped offset in kvm_reset_dirty_gfn() known not affected: 274 2026-07-15T01:25:51+00:00 Vulnerability · Source
CVE-2025-14813 redhat_vex bouncycastle: BC-JAVA: GOSTCTR implementation unable to process more than 255 blocks correctly fixed: 31 known affected: 35 known not affected: 494 2026-07-15T01:16:11+00:00 Vulnerability · Source
CVE-2026-52910 redhat_vex kernel: bpf: Free reuseport cBPF prog after RCU grace period known affected: 246 known not affected: 28 2026-07-15T01:12:54+00:00 Vulnerability · Source
CVE-2026-53437 redhat_vex jenkins: Jenkins: Phishing attack via improper redirect URL validation known affected: 1 2026-07-15T01:11:23+00:00 Vulnerability · Source
CVE-2026-6748 redhat_vex firefox: thunderbird: Uninitialized memory in the Audio/Video: Web Codecs component fixed: 368 known affected: 8 2026-07-15T01:08:09+00:00 Vulnerability · Source
CVE-2026-9697 redhat_vex undici: undici: Man-in-the-Middle attack via ignored TLS options with SOCKS5 proxy fixed: 132 known affected: 37 known not affected: 149 2026-07-15T01:08:07+00:00 Vulnerability · Source
CVE-2026-8389 redhat_vex firefox: JIT miscompilation in the JavaScript Engine: JIT component known not affected: 12 2026-07-15T01:08:05+00:00 Vulnerability · Source
CVE-2026-8388 redhat_vex firefox: thunderbird: Incorrect boundary conditions in the JavaScript Engine: JIT component fixed: 260 known affected: 8 2026-07-15T01:08:02+00:00 Vulnerability · Source
CVE-2026-8947 redhat_vex firefox: thunderbird: Use-after-free in the DOM: Bindings (WebIDL) component fixed: 260 known affected: 8 2026-07-15T01:07:59+00:00 Vulnerability · Source
CVE-2026-8948 redhat_vex firefox: thunderbird: Same-origin policy bypass in the DOM: Networking component known not affected: 23 2026-07-15T01:07:56+00:00 Vulnerability · Source
CVE-2026-8401 redhat_vex firefox: thunderbird: Sandbox escape in the Profile Backup component fixed: 260 known affected: 8 2026-07-15T01:07:42+00:00 Vulnerability · Source
CVE-2026-8975 redhat_vex firefox: Memory safety bugs fixed in Firefox ESR 115.36, Firefox ESR 140.11 and Firefox 151 fixed: 260 known affected: 8 2026-07-15T01:07:31+00:00 Vulnerability · Source
CVE-2026-6749 redhat_vex firefox: thunderbird: Information disclosure due to uninitialized memory in the Graphics: Canvas2D component fixed: 368 known affected: 8 2026-07-15T01:07:25+00:00 Vulnerability · Source
CVE-2026-6734 redhat_vex undici: undici: Information disclosure and data integrity issues due to incorrect Socks5ProxyAgent connection routing fixed: 132 known affected: 35 known not affected: 151 2026-07-15T01:06:46+00:00 Vulnerability · Source
CVE-2026-8391 redhat_vex firefox: thunderbird: Other issue in the JavaScript Engine component fixed: 260 known affected: 8 2026-07-15T01:06:35+00:00 Vulnerability · Source
CVE-2026-6752 redhat_vex firefox: thunderbird: Incorrect boundary conditions in the WebRTC component fixed: 368 known affected: 8 2026-07-15T01:06:22+00:00 Vulnerability · Source
CVE-2026-15308 microsoft_vex Incremental HTMLParser feed() allows CPU-exhaustion DoS via repeated unterminated markup declarations known affected: 2 2026-07-15T01:03:21+00:00 Vulnerability · Source
CVE-2026-57215 microsoft_vex RabbitMQ: Direct-reply-to binding persistence can lead to unauthorized reply-channel injection and persistent phantom known affected: 1 2026-07-15T01:03:16+00:00 Vulnerability · Source
CVE-2026-57211 microsoft_vex RabbitMQ: UNC SSRF affecting the management UI on Windows known affected: 1 2026-07-15T01:03:10+00:00 Vulnerability · Source
CVE-2026-57216 microsoft_vex RabbitMQ: AMQP 1.0, AMQP 0-9-1, Stream Protocol loopback enforcement can lead to remote guest sessions due to listener-address loopback checks known affected: 1 2026-07-15T01:02:45+00:00 Vulnerability · Source
CVE-2026-57213 microsoft_vex RabbitMQ: Stored XSS federation management plugin via unsanitized consumer_tag rendering known affected: 1 2026-07-15T01:02:32+00:00 Vulnerability · Source
CVE-2026-57217 microsoft_vex RabbitMQ: Topic authorization can lead to cross-tenant routing-key bypass known affected: 1 2026-07-15T01:02:26+00:00 Vulnerability · Source
CVE-2026-57220 microsoft_vex RabbitMQ: Stream listener does not enforce configured frame-size limit during authentication, permitting unauth'd mem-exhaust DoS known affected: 1 2026-07-15T01:02:20+00:00 Vulnerability · Source
CVE-2026-57219 microsoft_vex RabbitMQ: Unauthenticated disclosure of OAuth client credentials via an HTTP API endpoint with certain less common OAuth 2 configurations known affected: 1 2026-07-15T01:02:14+00:00 Vulnerability · Source
CVE-2026-59831 microsoft_vex GitHub CLI `gh codespace jupyter` could allow remote code execution when connecting to a malicious Codespace known affected: 1 2026-07-15T01:02:07+00:00 Vulnerability · Source
CVE-2026-59875 microsoft_vex node-tar: Uncaught Exception DoS via NUL byte in PAX path/linkpath records known affected: 1 2026-07-15T01:01:52+00:00 Vulnerability · Source
CVE-2026-42505 microsoft_vex Invoking Encrypted Client Hello privacy leak in crypto/tls known affected: 2 2026-07-15T01:01:45+00:00 Vulnerability · Source
CVE-2026-39822 microsoft_vex Root escape via symlink plus trailing slash in os known affected: 2 2026-07-15T01:01:36+00:00 Vulnerability · Source
CVE-2026-13221 microsoft_vex Perl versions through 5.43.9 produce silently incorrect regular expression matches when an alternation of more than 65535 fixed string branches is compiled into a trie in Perl_study_chunk fixed: 1 known affected: 1 2026-07-15T01:01:27+00:00 Vulnerability · Source
CVE-2026-57432 microsoft_vex Perl versions through 5.43.10 have an integer overflow in S_measure_struct leading to an out-of-bounds heap read in pack and unpack fixed: 1 known affected: 1 2026-07-15T01:01:20+00:00 Vulnerability · Source
CVE-2026-44431 redhat_vex urllib3: urllib3: Information disclosure via cross-origin redirects forwarding sensitive headers fixed: 90 known affected: 142 known not affected: 505 2026-07-15T00:41:30+00:00 Vulnerability · Source
CVE-2024-22047 redhat_vex audited: race condition can lead to audit logs being incorrectly attributed to the wrong user fixed: 2 known not affected: 1862 2026-07-15T00:08:17+00:00 Vulnerability · Source
CVE-2026-60103 redhat_vex blender: Blender: Denial of Service and information disclosure via crafted .blend file known not affected: 1 2026-07-15T00:07:46+00:00 Vulnerability · Source
CVE-2026-31790 redhat_vex openssl: openssl: Information Disclosure from Uninitialized Memory via Invalid RSA Public Key fixed: 244 known affected: 6 known not affected: 47 under investigation: 1 2026-07-15T00:07:04+00:00 Vulnerability · Source
CVE-2026-28390 redhat_vex openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing fixed: 301 known affected: 307 known not affected: 283 under investigation: 7 2026-07-15T00:07:03+00:00 Vulnerability · Source
CVE-2026-34980 redhat_vex cups: OpenPrinting CUPS: Shared PostScript queue lets anonymous Print-Job requests reach `lp` code execution over the network fixed: 19 known affected: 15 known not affected: 261 2026-07-15T00:06:57+00:00 Vulnerability · Source
CVE-2026-48914 redhat_vex qemu-kvm: Heap buffer overflow in virtio-blk SCSI request handling fixed: 116 known affected: 59 2026-07-15T00:06:50+00:00 Vulnerability · Source
CVE-2026-39246 redhat_vex decompress: decompress: arbitrary symlink creation during archive extraction leads to information disclosure known affected: 4 2026-07-15T00:00:53+00:00 Vulnerability · Source
CVE-2026-48523 redhat_vex python-pyjwt: PyJWT: Verifier-side algorithm bypass leads to unauthorized information access fixed: 4 known affected: 179 known not affected: 18 2026-07-14T23:54:34+00:00 Vulnerability · Source
CVE-2026-53550 redhat_vex js-yaml: js-yaml: Denial of Service via crafted YAML merge keys fixed: 4 known affected: 138 known not affected: 50 2026-07-14T23:54:34+00:00 Vulnerability · Source
CVE-2026-6637 redhat_vex postgresql: PostgreSQL: Arbitrary code execution vulnerability in 'refint' module fixed: 559 known affected: 111 known not affected: 75 2026-07-14T23:41:18+00:00 Vulnerability · Source
CVE-2026-6479 redhat_vex postgresql: PostgreSQL: Denial of Service via uncontrolled recursion in SSL/GSS negotiation fixed: 306 known affected: 49 known not affected: 137 2026-07-14T23:41:15+00:00 Vulnerability · Source
CVE-2026-45822 redhat_vex decode-uri-component: decode-uri-component: Denial of Service via crafted input known affected: 13 known not affected: 30 2026-07-14T22:56:53+00:00 Vulnerability · Source
CVE-2026-53016 redhat_vex kernel: crypto: ccp - copy IV using skcipher ivsize fixed: 612 known affected: 70 known not affected: 42 2026-07-14T22:23:01+00:00 Vulnerability · Source
CVE-2026-56117 redhat_vex dhcpcd: dhcpcd: Local heap use-after-free vulnerability leads to denial of service. known affected: 1 2026-07-14T22:10:45+00:00 Vulnerability · Source
CVE-2026-56113 redhat_vex dhcpcd: dhcpcd: Denial of Service via crafted DHCPv6 RENEW reply known affected: 1 2026-07-14T22:05:55+00:00 Vulnerability · Source