VEX records
Browse vendor VEX statements available in this Vulnerability-Lookup instance and pivot to the related vulnerability.
222161 VEX records
API response| Vulnerability | Source | Title | Product status | Imported | Links |
|---|---|---|---|---|---|
| CVE-2026-14544 | redhat_vex | HPLIP: Incomplete Fix for CVE-2026-8631 | fixed: 10 known affected: 6 known not affected: 76 | 2026-07-16T09:44:04+00:00 | Vulnerability · Source |
| CVE-2026-8595 | redhat_vex | grafana: Grafana: Stored Cross-Site Scripting via malicious dashboard field name | known not affected: 28 | 2026-07-16T09:41:26+00:00 | Vulnerability · Source |
| CVE-2026-61863 | redhat_vex | ImageMagick: ImageMagick: Memory leak in TIFF encoder | known affected: 14 | 2026-07-16T09:38:03+00:00 | Vulnerability · Source |
| CVE-2026-61872 | redhat_vex | ImageMagick: ImageMagick: Denial of Service due to memory leak in TIFF encoder | known affected: 14 | 2026-07-16T09:38:03+00:00 | Vulnerability · Source |
| CVE-2026-61859 | redhat_vex | ImageMagick: ImageMagick: Information disclosure via policy bypass in -script operation | known affected: 14 | 2026-07-16T09:38:01+00:00 | Vulnerability · Source |
| CVE-2026-61868 | redhat_vex | ImageMagick: ImageMagick: Denial of Service due to memory leak in YUV decoder | known affected: 14 | 2026-07-16T09:37:58+00:00 | Vulnerability · Source |
| CVE-2026-61871 | redhat_vex | ImageMagick: ImageMagick: Denial of Service via memory leak in ICON decoder | known affected: 14 | 2026-07-16T09:37:57+00:00 | Vulnerability · Source |
| CVE-2026-61866 | redhat_vex | ImageMagick: ImageMagick: Memory leak in JNG encoder can lead to denial of service | known affected: 14 | 2026-07-16T09:37:53+00:00 | Vulnerability · Source |
| CVE-2026-61869 | redhat_vex | ImageMagick: ImageMagick: Denial of Service via memory leak in MIFF encoder | known affected: 14 | 2026-07-16T09:37:49+00:00 | Vulnerability · Source |
| CVE-2026-61864 | redhat_vex | ImageMagick: ImageMagick: Memory leak in color transformation to log colorspace | known affected: 14 | 2026-07-16T09:37:48+00:00 | Vulnerability · Source |
| CVE-2026-61862 | redhat_vex | ImageMagick: ImageMagick: Information disclosure via out-of-bounds read when displaying profiles with debug enabled | known affected: 14 | 2026-07-16T09:37:48+00:00 | Vulnerability · Source |
| CVE-2026-56375 | redhat_vex | Magick.NET-Q16-AnyCPU: Magick.NET-Q16-HDRI-AnyCPU: Magick.NET-Q16-HDRI-OpenMP-arm64: Magick.NET-Q16-HDRI-arm64: Magick.NET-Q16-HDRI-x64: Magick.NET-Q16-HDRI-x86: Magick.NET-Q16-OpenMP-arm64: Magick.NET-Q16-OpenMP-x64: Magick.NET-Q16-OpenMP-x86: Magick.NET-Q16-arm64: Magick.NET-Q16-x64: Magick.NET-Q16-x86: Magick.NET-Q8-AnyCPU: Magick.NET-Q8-OpenMP-arm64: Magick.NET-Q8-OpenMP-x64: Magick.NET-Q8-arm64: Magick.NET-Q8-x64: Magick.NET-Q8-x86: ImageMagick: Denial of Service due to memory leak in ASHLAR coder | known affected: 14 | 2026-07-16T09:37:46+00:00 | Vulnerability · Source |
| CVE-2026-61860 | redhat_vex | ImageMagick: ImageMagick: Denial of Service via use-after-free during freetype initialization | known affected: 14 | 2026-07-16T09:37:46+00:00 | Vulnerability · Source |
| CVE-2026-61865 | redhat_vex | ImageMagick: ImageMagick: Memory leak in hough lines operation can lead to denial of service | known affected: 14 | 2026-07-16T09:37:45+00:00 | Vulnerability · Source |
| CVE-2026-61867 | redhat_vex | ImageMagick: ImageMagick: Denial of Service due to memory leak in TIFF encoder | known affected: 14 | 2026-07-16T09:37:44+00:00 | Vulnerability · Source |
| CVE-2026-61464 | redhat_vex | ImageMagick: ImageMagick before 7.1.2-26 Heap Buffer Over-Write via X11 | known affected: 14 | 2026-07-16T09:37:41+00:00 | Vulnerability · Source |
| CVE-2026-15925 | redhat_vex | snowflake-connector-python: Snowflake Connector for Python: Arbitrary SQL execution and information disclosure via improper TLS hostname verification | known affected: 1 | 2026-07-16T09:32:29+00:00 | Vulnerability · Source |
| CVE-2025-58188 | redhat_vex | crypto/x509: golang: Panic when validating certificates with DSA public keys in crypto/x509 | fixed: 8 known affected: 10 known not affected: 50 under investigation: 351 | 2026-07-16T09:26:51+00:00 | Vulnerability · Source |
| CVE-2026-28390 | redhat_vex | openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing | fixed: 301 known affected: 302 known not affected: 288 under investigation: 7 | 2026-07-16T09:21:46+00:00 | Vulnerability · Source |
| CVE-2026-49854 | redhat_vex | tornado: Tornado: Information disclosure via out-of-bounds read in websocket_mask | known affected: 45 under investigation: 14 | 2026-07-16T09:05:59+00:00 | Vulnerability · Source |
| CVE-2026-45804 | redhat_vex | diffusers: Diffusers: Arbitrary code execution due to trust_remote_code guard bypass | known affected: 14 known not affected: 2 | 2026-07-16T09:05:56+00:00 | Vulnerability · Source |
| CVE-2026-10879 | redhat_vex | perl-DBI: perl-DBI: Heap overflow in SQL preparsing can lead to denial of service or arbitrary code execution. | fixed: 39 known affected: 6 | 2026-07-16T09:03:06+00:00 | Vulnerability · Source |
| CVE-2026-59205 | redhat_vex | Pillow: Pillow: Controlled native heap corruption in ImageCms.ImageCmsTransform.apply API | known affected: 66 under investigation: 25 | 2026-07-16T09:00:58+00:00 | Vulnerability · Source |
| CVE-2026-59203 | redhat_vex | Pillow: Pillow: Denial of Service via crafted EPS file | known affected: 60 known not affected: 6 under investigation: 25 | 2026-07-16T09:00:57+00:00 | Vulnerability · Source |
| CVE-2026-25681 | redhat_vex | golang.org/x/net/html: golang.org/x/net/html: Arbitrary code execution via Cross-Site Scripting | fixed: 290 known affected: 414 known not affected: 523 under investigation: 2 | 2026-07-16T08:32:08+00:00 | Vulnerability · Source |
| CVE-2026-25679 | redhat_vex | net/url: Incorrect parsing of IPv6 host literals in net/url | fixed: 8880 known affected: 164 known not affected: 4255 under investigation: 1 | 2026-07-16T08:31:39+00:00 | Vulnerability · Source |
| CVE-2025-61728 | redhat_vex | golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip | fixed: 6567 known affected: 110 known not affected: 4103 | 2026-07-16T08:26:39+00:00 | Vulnerability · Source |
| CVE-2025-58183 | redhat_vex | golang: archive/tar: Unbounded allocation when parsing GNU sparse map | fixed: 8840 known affected: 129 known not affected: 8191 | 2026-07-16T08:26:35+00:00 | Vulnerability · Source |
| CVE-2026-14380 | redhat_vex | DBI: DBI: Arbitrary code execution via caller-influenced Profile attribute | known affected: 10 | 2026-07-16T08:26:32+00:00 | Vulnerability · Source |
| CVE-2026-33186 | redhat_vex | google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation | fixed: 2477 known affected: 409 known not affected: 27387 under investigation: 1 | 2026-07-16T08:25:49+00:00 | Vulnerability · Source |
| CVE-2025-66506 | redhat_vex | github.com/sigstore/fulcio: Fulcio: Denial of Service via crafted OpenID Connect (OIDC) token | fixed: 320 known affected: 66 known not affected: 1247 | 2026-07-16T08:25:43+00:00 | Vulnerability · Source |
| CVE-2025-66418 | redhat_vex | urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion | fixed: 1933 known affected: 421 known not affected: 2586 under investigation: 1 | 2026-07-16T08:25:31+00:00 | Vulnerability · Source |
| CVE-2025-64756 | redhat_vex | glob: glob: Command Injection Vulnerability via Malicious Filenames | fixed: 171 known affected: 145 known not affected: 1097 | 2026-07-16T08:25:25+00:00 | Vulnerability · Source |
| CVE-2025-61729 | redhat_vex | crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate | fixed: 7443 known affected: 439 known not affected: 4614 under investigation: 2 | 2026-07-16T08:25:16+00:00 | Vulnerability · Source |
| CVE-2025-52881 | redhat_vex | runc: opencontainers/selinux: container escape and denial of service due to arbitrary write gadgets and procfs write redirects | fixed: 2379 known affected: 45 known not affected: 4060 | 2026-07-16T08:25:06+00:00 | Vulnerability · Source |
| CVE-2025-30204 | redhat_vex | golang-jwt/jwt: jwt-go allows excessive memory allocation during header parsing | fixed: 3038 known affected: 78 known not affected: 11728 | 2026-07-16T08:25:03+00:00 | Vulnerability · Source |
| CVE-2025-22869 | redhat_vex | golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh | fixed: 2719 known affected: 55 known not affected: 6259 under investigation: 1 | 2026-07-16T08:25:00+00:00 | Vulnerability · Source |
| CVE-2025-22868 | redhat_vex | golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws | fixed: 1876 known affected: 95 known not affected: 8426 | 2026-07-16T08:25:00+00:00 | Vulnerability · Source |
| CVE-2026-9698 | redhat_vex | DBI: DBI: Buffer overflow in error handling can lead to arbitrary code execution | fixed: 52 known affected: 4 | 2026-07-16T08:21:22+00:00 | Vulnerability · Source |
| CVE-2026-50589 | redhat_vex | openstack-ironic: OpenStack Ironic: Denial of Service via crafted JSON string | known not affected: 14 | 2026-07-16T08:21:21+00:00 | Vulnerability · Source |
| CVE-2024-24786 | redhat_vex | golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON | fixed: 2012 known affected: 115 known not affected: 11938 under investigation: 58 | 2026-07-16T08:17:29+00:00 | Vulnerability · Source |
| CVE-2024-24784 | redhat_vex | golang: net/mail: comments in display names are incorrectly handled | fixed: 1678 known affected: 56 known not affected: 714 | 2026-07-16T08:17:27+00:00 | Vulnerability · Source |
| CVE-2022-41715 | redhat_vex | golang: regexp/syntax: limit memory used by parsing regexps | fixed: 2994 known affected: 91 known not affected: 2693 under investigation: 1 | 2026-07-16T08:17:22+00:00 | Vulnerability · Source |
| CVE-2022-30631 | redhat_vex | golang: compress/gzip: stack exhaustion in Reader.Read | fixed: 4253 known affected: 91 known not affected: 2159 | 2026-07-16T08:17:22+00:00 | Vulnerability · Source |
| CVE-2026-59198 | redhat_vex | Pillow: Pillow: Information disclosure via TGA RLE encoder out-of-bounds read | known affected: 66 under investigation: 25 | 2026-07-16T08:17:21+00:00 | Vulnerability · Source |
| CVE-2026-59886 | redhat_vex | pyasn1: pyasn1: Denial of Service via crafted ASN.1 REAL values | known affected: 56 known not affected: 1 under investigation: 79 | 2026-07-16T08:12:33+00:00 | Vulnerability · Source |
| CVE-2021-20329 | redhat_vex | mongo-go-driver: specific cstrings input may not be properly validated | fixed: 252 known affected: 69 known not affected: 3782 | 2026-07-16T08:09:53+00:00 | Vulnerability · Source |
| CVE-2026-50144 | redhat_vex | ncnn: ncnn: Out-of-bounds write allows arbitrary code execution | known not affected: 1 | 2026-07-16T08:08:10+00:00 | Vulnerability · Source |
| CVE-2026-27136 | redhat_vex | golang.org/x/net/html: golang: golang.org/x/net/html: Cross-Site Scripting via HTML parsing bypass | fixed: 218 known affected: 417 known not affected: 173 under investigation: 2 | 2026-07-16T08:08:08+00:00 | Vulnerability · Source |
| CVE-2025-40026 | redhat_vex | kernel: KVM: x86: Don't (re)check L1 intercepts when completing userspace I/O | known affected: 260 known not affected: 14 | 2026-07-16T08:08:05+00:00 | Vulnerability · Source |