VEX records
Browse vendor VEX statements available in this Vulnerability-Lookup instance and pivot to the related vulnerability.
222278 VEX records
API response| Vulnerability | Source | Title | Product status | Imported | Links |
|---|---|---|---|---|---|
| CVE-2026-53048 | microsoft_vex | gfs2: prevent NULL pointer dereference during unmount | known not affected: 1 | 2026-07-03T01:02:17+00:00 | Vulnerability · Source |
| CVE-2026-53160 | microsoft_vex | misc: fastrpc: fix use-after-free race in fastrpc_map_create | known not affected: 1 | 2026-07-03T01:02:11+00:00 | Vulnerability · Source |
| CVE-2026-56149 | microsoft_vex | Allocation of Resources Without Limits or Throttling in Elasticsearch Leading to Denial of Service | known affected: 1 | 2026-07-03T01:02:04+00:00 | Vulnerability · Source |
| CVE-2026-53010 | microsoft_vex | ksmbd: fix use-after-free in smb2_open during durable reconnect | known affected: 1 known not affected: 1 | 2026-07-03T01:02:03+00:00 | Vulnerability · Source |
| CVE-2026-53097 | microsoft_vex | wifi: mt76: mt7996: fix use-after-free bugs in mt7996_mac_dump_work() | known affected: 1 known not affected: 1 | 2026-07-03T01:01:57+00:00 | Vulnerability · Source |
| CVE-2026-49090 | microsoft_vex | Uncontrolled Resource Consumption in Elasticsearch Leading to Denial of Service | known affected: 1 | 2026-07-03T01:01:57+00:00 | Vulnerability · Source |
| CVE-2026-52992 | microsoft_vex | fs/adfs: validate nzones in adfs_validate_bblk() | known not affected: 1 | 2026-07-03T01:01:51+00:00 | Vulnerability · Source |
| CVE-2026-52954 | microsoft_vex | libceph: handle rbtree insertion error in decode_choose_args() | fixed: 1 known affected: 2 | 2026-07-03T01:01:44+00:00 | Vulnerability · Source |
| CVE-2026-52946 | microsoft_vex | fs/fcntl: fix SOFTIRQ-unsafe lock order in fasync signaling | fixed: 1 known affected: 2 | 2026-07-03T01:01:37+00:00 | Vulnerability · Source |
| CVE-2026-43167 | redhat_vex | kernel: xfrm: always flush state and policy upon NETDEV_UNREGISTER event | known affected: 232 known not affected: 42 | 2026-07-02T21:46:29+00:00 | Vulnerability · Source |
| CVE-2026-43251 | redhat_vex | kernel: HID: prodikeys: Check presence of pm->input_ep82 | known affected: 260 known not affected: 14 | 2026-07-02T21:44:59+00:00 | Vulnerability · Source |
| CVE-2026-43216 | redhat_vex | kernel: net: Drop the lock in skb_may_tx_timestamp() | known affected: 246 known not affected: 28 | 2026-07-02T21:44:57+00:00 | Vulnerability · Source |
| CVE-2026-43215 | redhat_vex | kernel: cifs: Fix locking usage for tcon fields | known affected: 232 known not affected: 42 | 2026-07-02T21:44:54+00:00 | Vulnerability · Source |
| CVE-2026-43153 | redhat_vex | kernel: xfs: remove xfs_attr_leaf_hasname | known affected: 232 known not affected: 42 | 2026-07-02T21:44:52+00:00 | Vulnerability · Source |
| CVE-2026-43139 | redhat_vex | kernel: xfrm6: fix uninitialized saddr in xfrm6_get_saddr() | known affected: 274 | 2026-07-02T21:44:49+00:00 | Vulnerability · Source |
| CVE-2026-42042 | redhat_vex | axios: Axios: XSRF token bypass leading to information disclosure | known affected: 89 known not affected: 1 | 2026-07-02T21:44:47+00:00 | Vulnerability · Source |
| CVE-2026-42038 | redhat_vex | axios: Axios: Information disclosure due to `no_proxy` bypass | known affected: 89 known not affected: 1 | 2026-07-02T21:44:47+00:00 | Vulnerability · Source |
| CVE-2026-42037 | redhat_vex | axios: Node.js: Axios: Information disclosure via CRLF injection in multipart Content-Type header | known affected: 89 known not affected: 1 | 2026-07-02T21:44:44+00:00 | Vulnerability · Source |
| CVE-2026-41257 | redhat_vex | jq: signed-int overflow in stack_reallocate | fixed: 3 known affected: 14 | 2026-07-02T21:44:41+00:00 | Vulnerability · Source |
| CVE-2026-34479 | redhat_vex | org.apache.logging.log4j/log4j-1.2-api: Apache Log4j 1-to-Log4j 2 bridge: Log processing denial of service due to improper XML escaping | fixed: 2 known affected: 16 | 2026-07-02T21:44:37+00:00 | Vulnerability · Source |
| CVE-2026-34477 | redhat_vex | org.apache.logging.log4j/log4j-core: Apache Log4j Core: Man-in-the-middle attack due to incomplete hostname verification | fixed: 2 known affected: 59 | 2026-07-02T21:44:34+00:00 | Vulnerability · Source |
| CVE-2026-33750 | redhat_vex | brace-expansion: brace-expansion: Denial of Service via zero step value in brace pattern | known affected: 249 known not affected: 2 | 2026-07-02T21:44:30+00:00 | Vulnerability · Source |
| CVE-2026-33672 | redhat_vex | picomatch: Picomatch: Data integrity compromised via method injection with crafted POSIX bracket expressions | known affected: 186 | 2026-07-02T21:44:29+00:00 | Vulnerability · Source |
| CVE-2026-31988 | redhat_vex | yauzl: yauzl: Denial of Service vulnerability in zip file processing | fixed: 1 known affected: 63 known not affected: 2 | 2026-07-02T21:44:23+00:00 | Vulnerability · Source |
| CVE-2026-33671 | redhat_vex | picomatch: Picomatch: Regular Expression Denial of Service via crafted extglob patterns | fixed: 12 known affected: 186 known not affected: 85 | 2026-07-02T21:44:23+00:00 | Vulnerability · Source |
| CVE-2026-32284 | redhat_vex | github.com/shamaton/msgpack: msgpack: Denial of Service via truncated fixext data | known affected: 167 known not affected: 2 | 2026-07-02T21:44:23+00:00 | Vulnerability · Source |
| CVE-2026-10028 | redhat_vex | glib-networking: Infinite loop in glib-networking GnuTLS backend allows remote denial of service via circular certificate chain | known affected: 7 | 2026-07-02T21:42:38+00:00 | Vulnerability · Source |
| CVE-2026-27601 | redhat_vex | Underscore.js: Underscore.js: Denial of Service via recursive data structures in flatten and isEqual functions | fixed: 3 known affected: 91 known not affected: 6 | 2026-07-02T21:42:26+00:00 | Vulnerability · Source |
| CVE-2026-25547 | redhat_vex | brace-expansion: brace-expansion: Denial of Service via unbounded brace range expansion | fixed: 276 known affected: 129 | 2026-07-02T21:42:23+00:00 | Vulnerability · Source |
| CVE-2026-23893 | redhat_vex | openCryptoki: openCryptoki: Privilege Escalation or Data Exposure via Symlink Following | fixed: 506 known affected: 12 | 2026-07-02T21:42:19+00:00 | Vulnerability · Source |
| CVE-2026-21726 | redhat_vex | Loki: Loki: Information disclosure via path traversal vulnerability | known affected: 26 | 2026-07-02T21:42:19+00:00 | Vulnerability · Source |
| CVE-2023-53556 | redhat_vex | kernel: Linux kernel iavf driver: Denial of Service via use-after-free vulnerability | fixed: 717 known affected: 66 known not affected: 90 | 2026-07-02T21:42:14+00:00 | Vulnerability · Source |
| CVE-2026-1225 | redhat_vex | ch.qos.logback/logback-core: Malicious logback.xml configuration file allows instantiation of arbitrary classes | known affected: 66 | 2026-07-02T21:42:14+00:00 | Vulnerability · Source |
| CVE-2026-2391 | redhat_vex | qs: qs's arrayLimit bypass in comma parsing allows denial of service | known affected: 134 | 2026-07-02T21:42:14+00:00 | Vulnerability · Source |
| CVE-2026-2739 | redhat_vex | bn.js: bn.js: Denial of Service via calling maskn(0) | known affected: 65 | 2026-07-02T21:42:14+00:00 | Vulnerability · Source |
| CVE-2026-12912 | redhat_vex | libtiff: libtiff: Heap-based buffer overflow via crafted PixarLog-compressed TIFF image | fixed: 3 known affected: 30 known not affected: 1 | 2026-07-02T21:35:10+00:00 | Vulnerability · Source |
| CVE-2026-53231 | redhat_vex | kernel: net: phy: don't try to setup PHY-driven SFP cages when using genphy | known affected: 14 known not affected: 260 | 2026-07-02T21:32:43+00:00 | Vulnerability · Source |
| CVE-2026-53214 | redhat_vex | kernel: ipv6: Fix a potential NPD in cleanup_prefix_route() | known affected: 90 known not affected: 184 | 2026-07-02T21:32:40+00:00 | Vulnerability · Source |
| CVE-2026-53210 | redhat_vex | kernel: tee: shm: fix shm leak in register_shm_helper() | known affected: 76 known not affected: 198 | 2026-07-02T21:32:39+00:00 | Vulnerability · Source |
| CVE-2026-53207 | redhat_vex | kernel: mm/memory-failure: fix hugetlb_lock AA deadlock in get_huge_page_for_hwpoison | known affected: 198 known not affected: 76 | 2026-07-02T21:32:32+00:00 | Vulnerability · Source |
| CVE-2026-46201 | redhat_vex | kernel: drm/xe: Fix dma-buf attachment leak in xe_gem_prime_import() | known affected: 184 known not affected: 90 | 2026-07-02T21:32:30+00:00 | Vulnerability · Source |
| CVE-2026-46184 | redhat_vex | kernel: sound: ua101: fix division by zero at probe | known affected: 274 | 2026-07-02T21:32:27+00:00 | Vulnerability · Source |
| CVE-2026-46178 | redhat_vex | kernel: RDMA/mlx4: Fix resource leak on error in mlx4_ib_create_srq() | known affected: 198 known not affected: 76 | 2026-07-02T21:32:25+00:00 | Vulnerability · Source |
| CVE-2026-46167 | redhat_vex | kernel: usb: usblp: fix uninitialized heap leak via LPGETSTATUS ioctl | known affected: 274 | 2026-07-02T21:32:20+00:00 | Vulnerability · Source |
| CVE-2026-46140 | redhat_vex | kernel: Bluetooth: btmtk: validate WMT event SKB length before struct access | known affected: 184 known not affected: 90 | 2026-07-02T21:32:19+00:00 | Vulnerability · Source |
| CVE-2026-46131 | redhat_vex | kernel: KVM: x86: check for nEPT/nNPT in slow flush hypercalls | known affected: 184 known not affected: 90 | 2026-07-02T21:32:16+00:00 | Vulnerability · Source |
| CVE-2026-46049 | redhat_vex | kernel: ALSA: ctxfi: Add fallback to default RSR for S/PDIF | known affected: 274 | 2026-07-02T21:32:10+00:00 | Vulnerability · Source |
| CVE-2026-45948 | redhat_vex | kernel: ext4: fix memory leak in ext4_ext_shift_extents() | known affected: 274 | 2026-07-02T21:32:09+00:00 | Vulnerability · Source |
| CVE-2026-45933 | redhat_vex | kernel: bpf: Preserve id of register in sync_linked_regs() | known affected: 184 known not affected: 90 | 2026-07-02T21:32:00+00:00 | Vulnerability · Source |
| CVE-2026-45920 | redhat_vex | kernel: ext4: fix dirtyclusters double decrement on fs shutdown | known affected: 274 | 2026-07-02T21:31:57+00:00 | Vulnerability · Source |