VEX records
Browse vendor VEX statements available in this Vulnerability-Lookup instance and pivot to the related vulnerability.
221830 VEX records
API response| Vulnerability | Source | Title | Product status | Imported | Links |
|---|---|---|---|---|---|
| CVE-2026-1933 | redhat_vex | samba: Missing access check on reparse point operations | fixed: 3903 known affected: 59 | 2026-07-02T19:05:40+00:00 | Vulnerability · Source |
| CVE-2026-45998 | redhat_vex | kernel: rxrpc: Fix potential UAF after skb_unshare() failure | fixed: 309 known affected: 108 known not affected: 90 | 2026-07-02T19:05:09+00:00 | Vulnerability · Source |
| CVE-2026-53351 | redhat_vex | kernel: riscv/ptrace: Use USER_REGSET_NOTE_TYPE for REGSET_CFI | known not affected: 274 | 2026-07-02T17:22:08+00:00 | Vulnerability · Source |
| CVE-2026-43211 | redhat_vex | kernel: PCI: Fix pci_slot_trylock() error handling | known affected: 198 known not affected: 76 | 2026-07-02T17:20:40+00:00 | Vulnerability · Source |
| CVE-2026-43148 | redhat_vex | kernel: powerpc/smp: Add check for kcalloc() failure in parse_thread_groups() | known affected: 246 known not affected: 28 | 2026-07-02T17:20:36+00:00 | Vulnerability · Source |
| CVE-2026-43123 | redhat_vex | kernel: fbcon: check return value of con2fb_acquire_newinfo() | known affected: 232 known not affected: 42 | 2026-07-02T17:20:31+00:00 | Vulnerability · Source |
| CVE-2026-43073 | redhat_vex | kernel: x86-64: rename misleadingly named '__copy_user_nocache()' function | known affected: 260 known not affected: 14 | 2026-07-02T17:20:25+00:00 | Vulnerability · Source |
| CVE-2026-43068 | redhat_vex | kernel: ext4: avoid allocate block from corrupted group in ext4_mb_find_by_goal() | known affected: 274 | 2026-07-02T17:20:21+00:00 | Vulnerability · Source |
| CVE-2026-41990 | redhat_vex | Libgcrypt: Libgcrypt: Denial of Service or data integrity issues from missing bounds check during Dilithium signing. | fixed: 3 known affected: 21 | 2026-07-02T17:20:12+00:00 | Vulnerability · Source |
| CVE-2026-41079 | redhat_vex | cups: CUPS: Information disclosure via crafted SNMP response | known affected: 41 known not affected: 1 | 2026-07-02T17:20:04+00:00 | Vulnerability · Source |
| CVE-2026-40334 | redhat_vex | libgphoto2: libgphoto2: Information disclosure and denial of service via missing null terminator | known affected: 10 | 2026-07-02T17:19:58+00:00 | Vulnerability · Source |
| CVE-2026-31897 | redhat_vex | freerdp: FreeRDP has an out-of-bounds read in `freerdp_bitmap_decompress_planar` | known affected: 31 | 2026-07-02T17:19:54+00:00 | Vulnerability · Source |
| CVE-2026-3234 | redhat_vex | mod_proxy_cluster: mod_proxy_cluster: Response body corruption via CRLF injection | known affected: 7 | 2026-07-02T17:19:46+00:00 | Vulnerability · Source |
| CVE-2026-31486 | redhat_vex | kernel: hwmon: (pmbus/core) Protect regulator operations with mutex | known affected: 232 known not affected: 42 | 2026-07-02T17:19:41+00:00 | Vulnerability · Source |
| CVE-2026-29776 | redhat_vex | freerdp: FreeRDP has an Integer Underflow in update_read_cache_bitmap_order Function of FreeRDP's Core Library | known affected: 31 | 2026-07-02T17:19:33+00:00 | Vulnerability · Source |
| CVE-2026-28753 | redhat_vex | NGINX: NGINX Plus: NGINX Open Source: NGINX Plus and NGINX Open Source: Request manipulation via header injection in SMTP upstream requests | fixed: 4 known affected: 54 | 2026-07-02T17:19:29+00:00 | Vulnerability · Source |
| CVE-2026-28422 | redhat_vex | vim: Vim: Integrity impact due to stack-buffer-overflow via wide terminal statusline rendering | known affected: 33 | 2026-07-02T17:19:24+00:00 | Vulnerability · Source |
| CVE-2026-28295 | redhat_vex | gvfs: GVfs FTP backend: Information disclosure via untrusted PASV responses | known affected: 48 | 2026-07-02T17:19:16+00:00 | Vulnerability · Source |
| CVE-2026-27171 | redhat_vex | zlib: zlib: Denial of Service via infinite loop in CRC32 combine functions | known affected: 315 known not affected: 6 | 2026-07-02T17:19:10+00:00 | Vulnerability · Source |
| CVE-2026-26269 | redhat_vex | vim: Netbeans specialKeys stack buffer overflow | known affected: 33 | 2026-07-02T17:19:04+00:00 | Vulnerability · Source |
| CVE-2026-24883 | redhat_vex | GnuPG: GnuPG: Denial of service due to specially crafted signature packet | known affected: 15 | 2026-07-02T17:18:59+00:00 | Vulnerability · Source |
| CVE-2026-24515 | redhat_vex | libexpat: libexpat null pointer dereference | known affected: 21 | 2026-07-02T17:18:51+00:00 | Vulnerability · Source |
| CVE-2026-2708 | redhat_vex | libsoup: libsoup: HTTP Request Smuggling via Duplicate Content-Length Headers | known affected: 16 | 2026-07-02T17:18:47+00:00 | Vulnerability · Source |
| CVE-2026-2443 | redhat_vex | libsoup: Out-of-Bounds Read in libsoup handle_partial_get() Leading to Heap Information Disclosure | known affected: 16 | 2026-07-02T17:18:43+00:00 | Vulnerability · Source |
| CVE-2026-22036 | redhat_vex | undici: Undici: Denial of Service via excessive decompression steps | fixed: 1 known affected: 90 known not affected: 2 | 2026-07-02T17:18:28+00:00 | Vulnerability · Source |
| CVE-2026-21725 | redhat_vex | grafana: Grafana: Unauthorized data source deletion via time-of-create-to-time-of-use (TOCTOU) vulnerability | known affected: 23 | 2026-07-02T17:18:25+00:00 | Vulnerability · Source |
| CVE-2026-2243 | redhat_vex | qemu-kvm: Heap buffer out-of-bounds read in VMDK compressed grain parsing | known affected: 82 | 2026-07-02T17:18:15+00:00 | Vulnerability · Source |
| CVE-2026-2239 | redhat_vex | gimp: GIMP: Application crash (DoS) via crafted PSD file due to heap-buffer-overflow | known affected: 26 | 2026-07-02T17:18:15+00:00 | Vulnerability · Source |
| CVE-2026-1801 | redhat_vex | libsoup: libsoup: HTTP Request Smuggling via malformed chunk headers | known affected: 16 | 2026-07-02T17:18:09+00:00 | Vulnerability · Source |
| CVE-2026-1485 | redhat_vex | Glib: Glib: Local denial of service via buffer underflow in content type parsing | known affected: 70 | 2026-07-02T17:18:02+00:00 | Vulnerability · Source |
| CVE-2026-0992 | redhat_vex | libxml2: libxml2: Denial of Service via crafted XML catalogs | fixed: 3 known affected: 25 | 2026-07-02T17:17:57+00:00 | Vulnerability · Source |
| CVE-2026-0989 | redhat_vex | libxml2: Unbounded RelaxNG Include Recursion Leading to Stack Overflow | fixed: 3 known affected: 25 | 2026-07-02T17:17:54+00:00 | Vulnerability · Source |
| CVE-2026-0988 | redhat_vex | glib: GLib: Denial of Service via Integer Overflow in g_buffered_input_stream_peek() | fixed: 3 known affected: 70 | 2026-07-02T17:17:52+00:00 | Vulnerability · Source |
| CVE-2026-0968 | redhat_vex | libssh: libssh: Denial of Service due to malformed SFTP message | fixed: 58 known affected: 5 known not affected: 9 | 2026-07-02T17:17:47+00:00 | Vulnerability · Source |
| CVE-2026-0967 | redhat_vex | libssh: libssh: Denial of Service via inefficient regular expression processing | fixed: 58 known affected: 5 known not affected: 9 | 2026-07-02T17:17:45+00:00 | Vulnerability · Source |
| CVE-2026-0965 | redhat_vex | libssh: libssh: Denial of Service via improper configuration file handling | fixed: 58 known affected: 5 known not affected: 9 | 2026-07-02T17:17:44+00:00 | Vulnerability · Source |
| CVE-2025-31648 | redhat_vex | microcode_ctl: From CVEorg collector | known affected: 9 | 2026-07-02T17:17:35+00:00 | Vulnerability · Source |
| CVE-2025-11961 | redhat_vex | libpcap: libpcap: Memory corruption via malformed MAC-48 address input | known affected: 12 | 2026-07-02T17:17:34+00:00 | Vulnerability · Source |
| CVE-2025-11143 | redhat_vex | org.eclipse.jetty/jetty-http: org.eclipse.jetty: Security bypass due to differential URI parsing | fixed: 2 known affected: 33 known not affected: 2 | 2026-07-02T17:17:31+00:00 | Vulnerability · Source |
| CVE-2026-9076 | redhat_vex | openssl: OpenSSL: Denial of Service due to heap out-of-bounds read in CMS password-based decryption | fixed: 100 known affected: 51 known not affected: 1 | 2026-07-02T17:17:30+00:00 | Vulnerability · Source |
| CVE-2026-47778 | redhat_vex | envoy: Envoy: Information disclosure via malicious certificate with NUL byte in DNS Subject Alternative Name (SAN) | known affected: 2 | 2026-07-02T17:17:16+00:00 | Vulnerability · Source |
| CVE-2026-43204 | redhat_vex | kernel: ASoC: qcom: q6asm: drop DSP responses for closed data streams | known affected: 184 known not affected: 90 | 2026-07-02T17:17:10+00:00 | Vulnerability · Source |
| CVE-2026-43172 | redhat_vex | kernel: wifi: iwlwifi: fix 22000 series SMEM parsing | known affected: 260 known not affected: 14 | 2026-07-02T17:17:06+00:00 | Vulnerability · Source |
| CVE-2026-43150 | redhat_vex | kernel: perf/arm-cmn: Reject unsupported hardware configurations | known affected: 232 known not affected: 42 | 2026-07-02T17:16:59+00:00 | Vulnerability · Source |
| CVE-2026-43144 | redhat_vex | kernel: wifi: brcmfmac: Fix potential kernel oops when probe fails | known affected: 184 known not affected: 90 | 2026-07-02T17:16:57+00:00 | Vulnerability · Source |
| CVE-2026-43099 | redhat_vex | kernel: ipv4: icmp: fix null-ptr-deref in icmp_build_probe() | known affected: 198 known not affected: 76 | 2026-07-02T17:16:53+00:00 | Vulnerability · Source |
| CVE-2026-43070 | redhat_vex | kernel: bpf: Reset register ID for BPF_END value tracking | known affected: 260 known not affected: 14 | 2026-07-02T17:16:52+00:00 | Vulnerability · Source |
| CVE-2026-43065 | redhat_vex | kernel: ext4: always drain queued discard work in ext4_mb_release() | known affected: 198 known not affected: 76 | 2026-07-02T17:16:49+00:00 | Vulnerability · Source |
| CVE-2026-42036 | redhat_vex | axios: Axios: Denial of Service via unbounded stream consumption when 'responseType: 'stream'' is used | known affected: 85 known not affected: 4 | 2026-07-02T17:16:44+00:00 | Vulnerability · Source |
| CVE-2026-42034 | redhat_vex | axios: Axios: Denial of Service via oversized streamed uploads bypassing body limits | known affected: 85 known not affected: 4 | 2026-07-02T17:16:43+00:00 | Vulnerability · Source |