VEX records

Browse vendor VEX statements available in this Vulnerability-Lookup instance and pivot to the related vulnerability.

Reset

221830 VEX records

API response
Vulnerability Source Title Product status Imported Links
CVE-2026-9076 redhat_vex openssl: OpenSSL: Denial of Service due to heap out-of-bounds read in CMS password-based decryption fixed: 100 known affected: 51 known not affected: 1 2026-07-02T17:17:30+00:00 Vulnerability · Source
CVE-2026-47778 redhat_vex envoy: Envoy: Information disclosure via malicious certificate with NUL byte in DNS Subject Alternative Name (SAN) known affected: 2 2026-07-02T17:17:16+00:00 Vulnerability · Source
CVE-2026-43204 redhat_vex kernel: ASoC: qcom: q6asm: drop DSP responses for closed data streams known affected: 184 known not affected: 90 2026-07-02T17:17:10+00:00 Vulnerability · Source
CVE-2026-43172 redhat_vex kernel: wifi: iwlwifi: fix 22000 series SMEM parsing known affected: 260 known not affected: 14 2026-07-02T17:17:06+00:00 Vulnerability · Source
CVE-2026-43150 redhat_vex kernel: perf/arm-cmn: Reject unsupported hardware configurations known affected: 232 known not affected: 42 2026-07-02T17:16:59+00:00 Vulnerability · Source
CVE-2026-43144 redhat_vex kernel: wifi: brcmfmac: Fix potential kernel oops when probe fails known affected: 184 known not affected: 90 2026-07-02T17:16:57+00:00 Vulnerability · Source
CVE-2026-43099 redhat_vex kernel: ipv4: icmp: fix null-ptr-deref in icmp_build_probe() known affected: 198 known not affected: 76 2026-07-02T17:16:53+00:00 Vulnerability · Source
CVE-2026-43070 redhat_vex kernel: bpf: Reset register ID for BPF_END value tracking known affected: 260 known not affected: 14 2026-07-02T17:16:52+00:00 Vulnerability · Source
CVE-2026-43065 redhat_vex kernel: ext4: always drain queued discard work in ext4_mb_release() known affected: 198 known not affected: 76 2026-07-02T17:16:49+00:00 Vulnerability · Source
CVE-2026-42036 redhat_vex axios: Axios: Denial of Service via unbounded stream consumption when 'responseType: 'stream'' is used known affected: 85 known not affected: 4 2026-07-02T17:16:44+00:00 Vulnerability · Source
CVE-2026-42034 redhat_vex axios: Axios: Denial of Service via oversized streamed uploads bypassing body limits known affected: 85 known not affected: 4 2026-07-02T17:16:43+00:00 Vulnerability · Source
CVE-2026-41305 redhat_vex postcss: PostCSS: Cross-Site Scripting (XSS) via improper escaping of style closing tags known affected: 128 known not affected: 2 2026-07-02T17:16:41+00:00 Vulnerability · Source
CVE-2026-41254 redhat_vex Little CMS: lcms2: mm2/Little-CMS: Little CMS: Information disclosure or denial of service via integer overflow in CubeSize known affected: 261 2026-07-02T17:16:39+00:00 Vulnerability · Source
CVE-2026-41066 redhat_vex lxml: python: lxml: Information disclosure via untrusted XML input leading to local file read known affected: 32 known not affected: 3 2026-07-02T17:16:32+00:00 Vulnerability · Source
CVE-2026-40919 redhat_vex gimp: GIMP: Denial of Service via specially crafted Seattle Filmworks file known affected: 32 2026-07-02T17:16:30+00:00 Vulnerability · Source
CVE-2026-40918 redhat_vex gimp: GIMP: Denial of Service via crafted PVR image file known affected: 32 2026-07-02T17:16:29+00:00 Vulnerability · Source
CVE-2026-40917 redhat_vex gimp: GIMP: Application crashes or information disclosure via crafted ICNS image files known affected: 32 2026-07-02T17:16:26+00:00 Vulnerability · Source
CVE-2026-40916 redhat_vex gimp: GIMP: Denial of Service due to stack buffer overflow in TIM image loader known affected: 32 2026-07-02T17:16:24+00:00 Vulnerability · Source
CVE-2026-40915 redhat_vex gimp: GIMP: Heap buffer overflow due to integer overflow in FITS image loader known affected: 32 2026-07-02T17:16:22+00:00 Vulnerability · Source
CVE-2026-40447 redhat_vex escargot: Escargot: Denial of Service due to integer overflow or wraparound vulnerability known affected: 80 2026-07-02T17:16:21+00:00 Vulnerability · Source
CVE-2026-40354 redhat_vex flatpak: xdg-desktop-portal: Flatpak xdg-desktop-portal: File deletion via symlink attack known affected: 8 2026-07-02T17:16:18+00:00 Vulnerability · Source
CVE-2026-40341 redhat_vex libgphoto2: libgphoto2: Denial of Service via out-of-bounds read from untrusted USB devices known affected: 10 2026-07-02T17:16:16+00:00 Vulnerability · Source
CVE-2026-40340 redhat_vex libgphoto2: libgphoto2: Information disclosure and denial of service via out-of-bounds read known affected: 10 2026-07-02T17:16:14+00:00 Vulnerability · Source
CVE-2026-40339 redhat_vex libgphoto2: libgphoto2: Information Disclosure via out-of-bounds read known affected: 10 2026-07-02T17:16:12+00:00 Vulnerability · Source
CVE-2026-40338 redhat_vex libgphoto2: libgphoto2: Information disclosure and denial of service via out-of-bounds read known affected: 10 2026-07-02T17:16:10+00:00 Vulnerability · Source
CVE-2026-40335 redhat_vex libgphoto2: libgphoto2: Information disclosure via out-of-bounds read in ptp_unpack_DPV() known affected: 10 2026-07-02T17:16:08+00:00 Vulnerability · Source
CVE-2026-40333 redhat_vex libgphoto2: libgphoto2: Information disclosure and denial of service via unbounded reads known affected: 10 2026-07-02T17:16:06+00:00 Vulnerability · Source
CVE-2026-40254 redhat_vex FreeRDP: FreeRDP: Information disclosure and arbitrary file modification via path traversal known affected: 31 2026-07-02T17:16:05+00:00 Vulnerability · Source
CVE-2026-39886 redhat_vex OpenEXR: OpenEXR: Signed integer overflow in HTJ2K decompression can lead to denial of service. known affected: 18 2026-07-02T17:16:04+00:00 Vulnerability · Source
CVE-2026-33555 redhat_vex haproxy: HAProxy: Request smuggling via HTTP/3 parser desynchronization fixed: 3 known affected: 10 known not affected: 4 2026-07-02T17:15:57+00:00 Vulnerability · Source
CVE-2026-33523 redhat_vex httpd: HTTP response splitting forwarding malicious status line fixed: 4 known affected: 53 2026-07-02T17:15:55+00:00 Vulnerability · Source
CVE-2026-32778 redhat_vex libexpat: libexpat: Denial of Service via NULL pointer dereference after out-of-memory condition known affected: 21 2026-07-02T17:15:54+00:00 Vulnerability · Source
CVE-2026-32775 redhat_vex libexif: libexif: Buffer overwrite via integer underflow in MakerNotes decoding known affected: 17 2026-07-02T17:15:53+00:00 Vulnerability · Source
CVE-2026-32777 redhat_vex libexpat: libexpat: Denial of Service via infinite loop in DTD content parsing known affected: 21 2026-07-02T17:15:51+00:00 Vulnerability · Source
CVE-2026-32776 redhat_vex libexpat: libexpat: Denial of Service due to NULL pointer dereference known affected: 21 2026-07-02T17:15:50+00:00 Vulnerability · Source
CVE-2026-5406 redhat_vex wireshark: Wireshark: Denial of Service via FC-SWILS protocol dissector crash known affected: 20 2026-07-02T17:15:48+00:00 Vulnerability · Source
CVE-2026-4867 redhat_vex path-to-regexp: path-to-regexp: Denial of Service via catastrophic backtracking from malformed URL parameters fixed: 12 known affected: 102 known not affected: 85 2026-07-02T17:15:44+00:00 Vulnerability · Source
CVE-2026-4897 redhat_vex polkit: Polkit: Denial of Service via unbounded input processing through standard input known affected: 23 2026-07-02T17:15:44+00:00 Vulnerability · Source
CVE-2026-4367 redhat_vex libXpm: libXpm: Denial of Service via out-of-bounds read in XPM file parsing fixed: 3 known affected: 13 2026-07-02T17:15:41+00:00 Vulnerability · Source
CVE-2026-4426 redhat_vex libarchive: libarchive: Denial of Service via malformed ISO file processing fixed: 3 known affected: 21 2026-07-02T17:15:40+00:00 Vulnerability · Source
CVE-2026-4105 redhat_vex systemd: systemd: Privilege escalation via improper access control in RegisterMachine D-Bus method fixed: 4 known affected: 131 2026-07-02T17:15:35+00:00 Vulnerability · Source
CVE-2026-3731 redhat_vex libssh: libssh: Denial of Service via out-of-bounds read in SFTP extension name handler fixed: 4 known affected: 21 2026-07-02T17:15:32+00:00 Vulnerability · Source
CVE-2026-3634 redhat_vex libsoup: libsoup: HTTP header injection and response splitting via CRLF injection in Content-Type header known affected: 16 2026-07-02T17:15:28+00:00 Vulnerability · Source
CVE-2026-3494 redhat_vex MariaDB: MariaDB: Information disclosure due to unlogged SQL statements with comments known affected: 162 2026-07-02T17:15:27+00:00 Vulnerability · Source
CVE-2026-31680 redhat_vex kernel: net: ipv6: flowlabel: defer exclusive option free until RCU teardown known affected: 260 known not affected: 14 2026-07-02T17:15:15+00:00 Vulnerability · Source
CVE-2026-31679 redhat_vex kernel: openvswitch: validate MPLS set/set_masked payload length known affected: 260 known not affected: 14 2026-07-02T17:15:13+00:00 Vulnerability · Source
CVE-2026-31678 redhat_vex kernel: openvswitch: defer tunnel netdev_put to RCU release known affected: 260 known not affected: 14 2026-07-02T17:15:11+00:00 Vulnerability · Source
CVE-2026-31675 redhat_vex kernel: net/sched: sch_netem: fix out-of-bounds access in packet corruption known affected: 260 known not affected: 14 2026-07-02T17:15:09+00:00 Vulnerability · Source
CVE-2026-31674 redhat_vex kernel: netfilter: ip6t_rt: reject oversized addrnr in rt_mt6_check() known affected: 260 known not affected: 14 2026-07-02T17:15:08+00:00 Vulnerability · Source
CVE-2026-31673 redhat_vex kernel: af_unix: read UNIX_DIAG_VFS data under unix_state_lock known affected: 260 known not affected: 14 2026-07-02T17:15:04+00:00 Vulnerability · Source