VEX records

Browse vendor VEX statements available in this Vulnerability-Lookup instance and pivot to the related vulnerability.

Reset

222278 VEX records

API response
Vulnerability Source Title Product status Imported Links
CVE-2026-48779 microsoft_vex ws: Memory exhaustion DoS from tiny fragments and data chunks known not affected: 1 2026-07-03T01:10:13+00:00 Vulnerability · Source
CVE-2026-41991 microsoft_vex Predictable Temporary File in GNU gzip known affected: 1 known not affected: 1 2026-07-03T01:09:59+00:00 Vulnerability · Source
CVE-2026-58050 microsoft_vex libssh2 - Integer Overflow in publickey Subsystem Attribute Allocation known not affected: 3 2026-07-03T01:09:25+00:00 Vulnerability · Source
CVE-2026-53279 microsoft_vex drm/gma500/oaktrail_lvds: fix hang on init failure known not affected: 1 2026-07-03T01:09:13+00:00 Vulnerability · Source
CVE-2026-53303 microsoft_vex f2fs: protect extension_list reading with sb_lock in f2fs_sbi_show() known not affected: 1 2026-07-03T01:09:08+00:00 Vulnerability · Source
CVE-2026-53294 microsoft_vex mailbox: mailbox-test: don't free the reused channel known not affected: 1 2026-07-03T01:09:02+00:00 Vulnerability · Source
CVE-2026-53306 microsoft_vex tty: hvc_iucv: fix off-by-one in number of supported devices known not affected: 1 2026-07-03T01:08:56+00:00 Vulnerability · Source
CVE-2026-53309 microsoft_vex ocfs2/dlm: fix off-by-one in dlm_match_regions() region comparison known not affected: 1 2026-07-03T01:08:50+00:00 Vulnerability · Source
CVE-2026-53296 microsoft_vex mailbox: mailbox-test: free channels on probe error known not affected: 1 2026-07-03T01:08:45+00:00 Vulnerability · Source
CVE-2026-53320 microsoft_vex nilfs2: reject zero bd_oblocknr in nilfs_ioctl_mark_blocks_dirty() known not affected: 1 2026-07-03T01:08:39+00:00 Vulnerability · Source
CVE-2026-0864 microsoft_vex Configuration Injection via Carriage Return (\r) in write() method known affected: 2 known not affected: 1 2026-07-03T01:08:33+00:00 Vulnerability · Source
CVE-2026-3195 microsoft_vex Qemu-kvm: virtio-snd: heap buffer overflow in virtio_snd_pcm_in_cb (incomplete fix for cve-2024-7730) fixed: 2 known affected: 3 2026-07-03T01:08:03+00:00 Vulnerability · Source
CVE-2026-11972 microsoft_vex tarfile opened in streaming mode mishandles EOF known affected: 2 known not affected: 1 2026-07-03T01:07:57+00:00 Vulnerability · Source
CVE-2026-56412 microsoft_vex libexpat before 2.8.2 does not consider XML_TOK_DATA_CHARS in doCdataSection and thus lacks handler call depth tracking for various calls from within handlers in cases of a policy violation. Thus, a use-after-free can occur. NOTE: this issue exists because of an incomplete fix for CVE-2026-50219. fixed: 1 known affected: 3 known not affected: 2 2026-07-03T01:07:18+00:00 Vulnerability · Source
CVE-2026-56405 microsoft_vex libexpat before 2.8.2 has an integer overflow in getAttributeId. fixed: 1 known affected: 3 known not affected: 2 2026-07-03T01:07:08+00:00 Vulnerability · Source
CVE-2026-56407 microsoft_vex libexpat before 2.8.2 has an integer overflow in doProlog that is related to storeEntityValue and entity textLen. fixed: 1 known affected: 3 known not affected: 2 2026-07-03T01:06:51+00:00 Vulnerability · Source
CVE-2026-56403 microsoft_vex libexpat before 2.8.2 has an integer overflow in storeAtts. fixed: 1 known affected: 3 known not affected: 2 2026-07-03T01:06:32+00:00 Vulnerability · Source
CVE-2026-56406 microsoft_vex libexpat before 2.8.2 has an integer overflow in XML_ParseBuffer because it lacked a check that was present in XML_Parse. fixed: 1 known affected: 3 known not affected: 2 2026-07-03T01:06:23+00:00 Vulnerability · Source
CVE-2026-56132 microsoft_vex In libexpat before 2.8.2, there is a heap-based buffer overflow in doProlog in xmlparse.c because scaffold backing array reallocation is mishandled when there is data-structure sharing across parsers. fixed: 1 known affected: 3 known not affected: 2 2026-07-03T01:06:15+00:00 Vulnerability · Source
CVE-2026-56404 microsoft_vex libexpat before 2.8.2 has an integer overflow in addBinding. fixed: 1 known affected: 3 known not affected: 2 2026-07-03T01:06:06+00:00 Vulnerability · Source
CVE-2026-2376 redhat_vex mirror-registry: quay: quay: Server-side Request Forgery via open redirect vulnerability in web interface known affected: 4 2026-07-03T01:06:01+00:00 Vulnerability · Source
CVE-2026-56131 microsoft_vex libexpat before 2.8.2 lacks handler call depth tracking for calls to XML_ResumeParser from within handlers in cases of a policy violation. Thus, a use-after-free can occur (similar to the CVE-2026-50219 situation). fixed: 1 known affected: 3 known not affected: 2 2026-07-03T01:05:57+00:00 Vulnerability · Source
CVE-2025-68158 redhat_vex Authlib: Authlib: Cross-Site Request Forgery due to improper session management in state storage fixed: 12 known affected: 1 known not affected: 54 2026-07-03T01:05:39+00:00 Vulnerability · Source
CVE-2026-53016 microsoft_vex crypto: ccp - copy IV using skcipher ivsize known not affected: 1 2026-07-03T01:05:17+00:00 Vulnerability · Source
CVE-2025-4374 redhat_vex quay: Incorrect Privilege Assignment known affected: 1 2026-07-03T01:04:36+00:00 Vulnerability · Source
CVE-2026-53046 microsoft_vex ksmbd: fix use-after-free from async crypto on Qualcomm crypto engine known not affected: 1 2026-07-03T01:04:36+00:00 Vulnerability · Source
CVE-2026-53039 microsoft_vex ocfs2: validate group add input before caching known not affected: 1 2026-07-03T01:04:26+00:00 Vulnerability · Source
CVE-2026-53045 microsoft_vex memory: tegra124-emc: Fix dll_change check known not affected: 1 2026-07-03T01:04:20+00:00 Vulnerability · Source
CVE-2026-53049 microsoft_vex gfs2: add some missing log locking known not affected: 1 2026-07-03T01:04:14+00:00 Vulnerability · Source
CVE-2026-13757 microsoft_vex P11-kit: stack exhaustion via unbounded recursion in rpc attribute parsing known affected: 1 2026-07-03T01:04:13+00:00 Vulnerability · Source
CVE-2026-53098 microsoft_vex wifi: mt76: mt7915: fix use-after-free bugs in mt7915_mac_dump_work() known not affected: 1 2026-07-03T01:04:08+00:00 Vulnerability · Source
CVE-2026-52911 microsoft_vex ksmbd: scope conn->binding slowpath to bound sessions only known not affected: 1 2026-07-03T01:04:01+00:00 Vulnerability · Source
CVE-2025-21605 redhat_vex redis: Redis DoS Vulnerability due to unlimited growth of output buffers abused by unauthenticated client fixed: 233 known affected: 2 known not affected: 7 2026-07-03T01:03:57+00:00 Vulnerability · Source
CVE-2026-53052 microsoft_vex ASoC: qcom: qdsp6: topology: check widget type before accessing data known not affected: 1 2026-07-03T01:03:55+00:00 Vulnerability · Source
CVE-2025-3528 redhat_vex mirror-registry: Local privilege escalation due to incorrect permissions in mirror-registry fixed: 3 known affected: 1 2026-07-03T01:03:54+00:00 Vulnerability · Source
CVE-2026-55200 microsoft_vex libssh2 - Out-of-Bounds Write via Unchecked packet_length in transport.c fixed: 2 known affected: 3 known not affected: 1 2026-07-03T01:03:42+00:00 Vulnerability · Source
CVE-2026-53043 microsoft_vex ocfs2/dlm: validate qr_numregions in dlm_match_regions() known not affected: 1 2026-07-03T01:03:26+00:00 Vulnerability · Source
CVE-2026-52913 microsoft_vex batman-adv: v: stop OGMv2 on disabled interface known not affected: 1 2026-07-03T01:03:20+00:00 Vulnerability · Source
CVE-2026-53195 microsoft_vex USB: serial: io_ti: fix heap overflow in build_i2c_fw_hdr() known not affected: 1 2026-07-03T01:03:06+00:00 Vulnerability · Source
CVE-2026-52944 microsoft_vex ksmbd: fix FSCTL permission bypass by adding a permission check for FSCTL_SET_SPARSE known not affected: 1 2026-07-03T01:02:51+00:00 Vulnerability · Source
CVE-2026-53196 microsoft_vex USB: serial: io_ti: fix heap overflow in get_manuf_info() known not affected: 1 2026-07-03T01:02:44+00:00 Vulnerability · Source
CVE-2026-52962 microsoft_vex ceph: fix a buffer leak in __ceph_setxattr() fixed: 1 known affected: 1 under investigation: 1 2026-07-03T01:02:37+00:00 Vulnerability · Source
CVE-2026-52935 microsoft_vex xfrm: espintcp: do not reuse an in-progress partial send known not affected: 1 2026-07-03T01:02:31+00:00 Vulnerability · Source
CVE-2026-53130 microsoft_vex fs/omfs: reject s_sys_blocksize smaller than OMFS_DIR_START known not affected: 1 2026-07-03T01:02:24+00:00 Vulnerability · Source
CVE-2026-53048 microsoft_vex gfs2: prevent NULL pointer dereference during unmount known not affected: 1 2026-07-03T01:02:17+00:00 Vulnerability · Source
CVE-2026-53160 microsoft_vex misc: fastrpc: fix use-after-free race in fastrpc_map_create known not affected: 1 2026-07-03T01:02:11+00:00 Vulnerability · Source
CVE-2026-56149 microsoft_vex Allocation of Resources Without Limits or Throttling in Elasticsearch Leading to Denial of Service known affected: 1 2026-07-03T01:02:04+00:00 Vulnerability · Source
CVE-2026-53010 microsoft_vex ksmbd: fix use-after-free in smb2_open during durable reconnect known affected: 1 known not affected: 1 2026-07-03T01:02:03+00:00 Vulnerability · Source
CVE-2026-53097 microsoft_vex wifi: mt76: mt7996: fix use-after-free bugs in mt7996_mac_dump_work() known affected: 1 known not affected: 1 2026-07-03T01:01:57+00:00 Vulnerability · Source
CVE-2026-49090 microsoft_vex Uncontrolled Resource Consumption in Elasticsearch Leading to Denial of Service known affected: 1 2026-07-03T01:01:57+00:00 Vulnerability · Source