VEX records

Browse vendor VEX statements available in this Vulnerability-Lookup instance and pivot to the related vulnerability.

Reset

221822 VEX records

API response
Vulnerability Source Title Product status Imported Links
CVE-2026-43176 redhat_vex kernel: wifi: rtw89: pci: validate release report content before using for RTL8922DE known affected: 232 known not affected: 42 2026-07-03T14:57:49+00:00 Vulnerability · Source
CVE-2026-43156 redhat_vex kernel: net: usb: pegasus: enable basic endpoint checking known affected: 274 2026-07-03T14:57:47+00:00 Vulnerability · Source
CVE-2026-43129 redhat_vex kernel: ima: verify the previous kernel's IMA buffer lies in addressable RAM known affected: 232 known not affected: 42 2026-07-03T14:57:43+00:00 Vulnerability · Source
CVE-2026-43067 redhat_vex kernel: ext4: handle wraparound when searching for blocks for indirect mapped blocks known affected: 274 2026-07-03T14:57:28+00:00 Vulnerability · Source
CVE-2026-43119 redhat_vex kernel: Bluetooth: hci_sync: annotate data-races around hdev->req_status known affected: 274 2026-07-03T14:57:28+00:00 Vulnerability · Source
CVE-2026-31694 redhat_vex kernel: fuse: reject oversized dirents in page cache known not affected: 274 2026-07-03T14:40:14+00:00 Vulnerability · Source
CVE-2026-23253 redhat_vex kernel: Kernel: Denial of Service via DVB DVR ringbuffer reinitialization flaw known affected: 76 known not affected: 198 2026-07-03T14:40:09+00:00 Vulnerability · Source
CVE-2026-13573 redhat_vex llvm: llvm: Denial of Service via stack-based buffer overflow in StringMap::insert fixed: 8 known affected: 146 2026-07-03T14:40:04+00:00 Vulnerability · Source
CVE-2026-20243 redhat_vex clamav: ClamAV: Denial of Service via crafted ALZ file known not affected: 1 2026-07-03T14:40:04+00:00 Vulnerability · Source
CVE-2026-57914 redhat_vex apache-kerby: org.apache.kerby/kerby-asn1: Apache Kerby: Denial of Service via deeply nested ASN.1 structure known affected: 16 2026-07-03T14:37:14+00:00 Vulnerability · Source
CVE-2026-42779 redhat_vex Apache MINA: Apache MINA: Arbitrary Code Execution via Classname Allowlist Bypass known affected: 5 known not affected: 22 2026-07-03T14:36:50+00:00 Vulnerability · Source
CVE-2026-20244 redhat_vex clamav: ClamAV: Denial of Service via crafted DMG file known not affected: 1 2026-07-03T13:38:44+00:00 Vulnerability · Source
CVE-2026-54371 redhat_vex attr: Symlink Traversal Privilege Escalation via getfattr and setfattr fixed: 3 known affected: 16 2026-07-03T13:20:36+00:00 Vulnerability · Source
CVE-2026-20217 redhat_vex clamav: ClamAV: Denial of Service via crafted PESpin file known not affected: 1 2026-07-03T13:01:10+00:00 Vulnerability · Source
CVE-2026-20215 redhat_vex clamav: ClamAV: Denial of Service via crafted 7z file known not affected: 1 2026-07-03T12:50:01+00:00 Vulnerability · Source
CVE-2026-22773 redhat_vex vllm: vLLM: Denial of Service via specially crafted image in multimodal model serving fixed: 8 known affected: 12 known not affected: 206 2026-07-03T12:28:29+00:00 Vulnerability · Source
CVE-2024-11706 redhat_vex firefox: thunderbird: Null Pointer Dereference in PKCS#12 Utility known affected: 12 under investigation: 14 2026-07-03T12:14:59+00:00 Vulnerability · Source
CVE-2024-11705 redhat_vex firefox: thunderbird: Null Pointer Dereference in NSC_DeriveKey known affected: 12 under investigation: 14 2026-07-03T12:14:58+00:00 Vulnerability · Source
CVE-2024-11704 redhat_vex firefox: thunderbird: Potential Double-Free Vulnerability in PKCS#7 Decryption Handling known affected: 12 under investigation: 14 2026-07-03T12:14:57+00:00 Vulnerability · Source
CVE-2024-11701 redhat_vex firefox: thunderbird: Misleading Address Bar State During Navigation Interruption known affected: 12 under investigation: 14 2026-07-03T12:14:52+00:00 Vulnerability · Source
CVE-2026-13574 redhat_vex llvm: llvm-project: LLVM: Denial of service via heap-based buffer overflow in Bitcode File Handler fixed: 8 known affected: 64 known not affected: 65 2026-07-03T12:14:49+00:00 Vulnerability · Source
CVE-2024-11708 redhat_vex firefox: thunderbird: Data race with PlaybackParams known affected: 12 under investigation: 14 2026-07-03T12:14:45+00:00 Vulnerability · Source
CVE-2025-1414 redhat_vex firefox: Memory safety bugs fixed in Firefox 135.0.1 known affected: 8 under investigation: 5 2026-07-03T12:06:56+00:00 Vulnerability · Source
CVE-2025-0247 redhat_vex firefox: thunderbird: Memory safety bugs fixed in Firefox 134 and Thunderbird 134 known affected: 12 under investigation: 14 2026-07-03T12:06:53+00:00 Vulnerability · Source
CVE-2022-32296 redhat_vex kernel: insufficient TCP source port randomness leads to client identification fixed: 2 under investigation: 198 2026-07-03T12:04:07+00:00 Vulnerability · Source
CVE-2020-36310 redhat_vex kernel: infinite loop in set_memory_region_test in arch/x86/kvm/svm/svm.c for certain nested page faults known not affected: 1 under investigation: 197 2026-07-03T12:04:02+00:00 Vulnerability · Source
CVE-2020-19715 redhat_vex exiv2: integer buffer overflow in getUShort fucntion leads to DoS known affected: 3 under investigation: 14 2026-07-03T12:03:58+00:00 Vulnerability · Source
CVE-2021-41190 redhat_vex opencontainers: OCI manifest and index parsing confusion fixed: 297 known affected: 69 known not affected: 1189 2026-07-03T12:03:56+00:00 Vulnerability · Source
CVE-2023-25165 redhat_vex helm: getHostByName Function Information Disclosure fixed: 22 known affected: 30 known not affected: 1880 2026-07-03T12:03:33+00:00 Vulnerability · Source
CVE-2022-23526 redhat_vex helm: Denial of service through schema file fixed: 13 known affected: 26 known not affected: 1402 2026-07-03T12:03:29+00:00 Vulnerability · Source
CVE-2022-23525 redhat_vex helm: Denial of service through through repository index file fixed: 152 known affected: 17 known not affected: 1262 2026-07-03T12:03:25+00:00 Vulnerability · Source
CVE-2026-27980 redhat_vex next.js: Next.js: Unbounded next/image disk cache growth can exhaust storage fixed: 2 known affected: 4 known not affected: 12 2026-07-03T12:02:07+00:00 Vulnerability · Source
CVE-2026-1002 redhat_vex io.vertx/vertx-core: static handler component cache can be manipulated to deny the access to static files fixed: 30 known affected: 19 known not affected: 322 2026-07-03T12:02:01+00:00 Vulnerability · Source
CVE-2025-58056 redhat_vex netty-codec-http: Netty is vulnerable to request smuggling due to incorrect parsing of chunk extensions fixed: 282 known affected: 45 known not affected: 9 2026-07-03T12:02:00+00:00 Vulnerability · Source
CVE-2023-28642 redhat_vex runc: AppArmor can be bypassed when `/proc` inside the container is symlinked with a specific mount configuration fixed: 805 known affected: 19 known not affected: 633 2026-07-03T11:50:31+00:00 Vulnerability · Source
CVE-2023-27561 redhat_vex runc: volume mount race condition (regression of CVE-2019-19921) fixed: 556 known affected: 36 known not affected: 1666 2026-07-03T11:50:20+00:00 Vulnerability · Source
CVE-2023-25809 redhat_vex runc: Rootless runc makes `/sys/fs/cgroup` writable fixed: 542 known affected: 30 known not affected: 622 2026-07-03T11:50:20+00:00 Vulnerability · Source
CVE-2018-20676 redhat_vex bootstrap: XSS in the tooltip data-viewport attribute fixed: 395 known affected: 95 known not affected: 63 under investigation: 26 2026-07-03T11:49:01+00:00 Vulnerability · Source
CVE-2018-14041 redhat_vex bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy fixed: 163 known affected: 90 known not affected: 301 under investigation: 26 2026-07-03T11:48:56+00:00 Vulnerability · Source
CVE-2021-23566 redhat_vex nanoid: Information disclosure via valueOf() function fixed: 7 known affected: 7 known not affected: 688 2026-07-03T11:48:52+00:00 Vulnerability · Source
CVE-2022-27191 redhat_vex golang: crash in a golang.org/x/crypto/ssh server fixed: 808 known affected: 82 known not affected: 4981 2026-07-03T11:48:06+00:00 Vulnerability · Source
CVE-2022-24450 redhat_vex nats-server: misusing the "dynamically provisioned sandbox accounts" feature authenticated user can obtain the privileges of the System account known affected: 18 known not affected: 8 2026-07-03T11:48:01+00:00 Vulnerability · Source
CVE-2021-43565 redhat_vex golang.org/x/crypto: empty plaintext packet causes panic fixed: 266 known affected: 137 known not affected: 1464 2026-07-03T11:47:57+00:00 Vulnerability · Source
CVE-2022-29810 redhat_vex go-getter: writes SSH credentials into logfile, exposing sensitive credentials to local uses fixed: 15 known affected: 11 known not affected: 682 2026-07-03T11:46:56+00:00 Vulnerability · Source
CVE-2022-24785 redhat_vex Moment.js: Path traversal in moment.locale fixed: 743 known affected: 92 known not affected: 475 2026-07-03T11:46:49+00:00 Vulnerability · Source
CVE-2022-23806 redhat_vex golang: crypto/elliptic: IsOnCurve returns true for invalid field elements fixed: 908 known affected: 97 known not affected: 1002 under investigation: 2 2026-07-03T11:46:43+00:00 Vulnerability · Source
CVE-2022-21803 redhat_vex nconf: Prototype pollution in memory store known affected: 7 2026-07-03T11:46:42+00:00 Vulnerability · Source
CVE-2022-0235 redhat_vex node-fetch: exposure of sensitive information to an unauthorized actor fixed: 102 known affected: 140 known not affected: 796 under investigation: 2 2026-07-03T11:46:28+00:00 Vulnerability · Source
CVE-2026-39852 redhat_vex io.quarkus:quarkus-vertx-http: io.quarkus:quarkus-vertx-http: Authorization bypass via semicolons in HTTP requests fixed: 11 known affected: 16 known not affected: 18 2026-07-03T11:45:00+00:00 Vulnerability · Source
CVE-2026-33871 redhat_vex netty: Netty: Denial of Service via HTTP/2 CONTINUATION frame flood fixed: 67 known affected: 51 known not affected: 465 2026-07-03T11:44:52+00:00 Vulnerability · Source