VEX records
Browse vendor VEX statements available in this Vulnerability-Lookup instance and pivot to the related vulnerability.
222278 VEX records
API response| Vulnerability | Source | Title | Product status | Imported | Links |
|---|---|---|---|---|---|
| CVE-2026-46102 | redhat_vex | kernel: net: strparser: fix skb_head leak in strp_abort_strp() | known affected: 232 known not affected: 42 | 2026-07-02T19:16:43+00:00 | Vulnerability · Source |
| CVE-2026-46079 | redhat_vex | kernel: rbd: fix null-ptr-deref when device_add_disk() fails | known affected: 184 known not affected: 90 | 2026-07-02T19:16:41+00:00 | Vulnerability · Source |
| CVE-2026-46078 | redhat_vex | kernel: erofs: fix the out-of-bounds nameoff handling for trailing dirents | known affected: 184 known not affected: 90 | 2026-07-02T19:16:38+00:00 | Vulnerability · Source |
| CVE-2026-46070 | redhat_vex | kernel: md/raid5: validate payload size before accessing journal metadata | known affected: 260 known not affected: 14 | 2026-07-02T19:16:36+00:00 | Vulnerability · Source |
| CVE-2026-46065 | redhat_vex | kernel: fbdev: defio: Disconnect deferred I/O from the lifetime of struct fb_info | known affected: 232 known not affected: 42 | 2026-07-02T19:16:31+00:00 | Vulnerability · Source |
| CVE-2026-45130 | redhat_vex | vim: Vim: Heap buffer overflow allows arbitrary code execution or denial of service | known affected: 33 | 2026-07-02T19:16:30+00:00 | Vulnerability · Source |
| CVE-2026-43427 | redhat_vex | kernel: usb: class: cdc-wdm: fix reordering issue in read code path | known affected: 274 | 2026-07-02T19:16:28+00:00 | Vulnerability · Source |
| CVE-2026-31666 | redhat_vex | kernel: btrfs: fix incorrect return value after changing leaf in lookup_extent_data_ref() | known affected: 260 known not affected: 14 | 2026-07-02T19:11:11+00:00 | Vulnerability · Source |
| CVE-2026-24137 | redhat_vex | github.com/sigstore/sigstore: sigstore legacy TUF client allows for arbitrary file writes with target cache path traversal | known affected: 170 | 2026-07-02T19:11:09+00:00 | Vulnerability · Source |
| CVE-2026-23276 | redhat_vex | kernel: net: add xmit recursion limit to tunnel xmit functions | known affected: 274 | 2026-07-02T19:11:02+00:00 | Vulnerability · Source |
| CVE-2026-23262 | redhat_vex | kernel: gve: Fix stats report corruption on queue count change | known affected: 232 known not affected: 42 | 2026-07-02T19:10:58+00:00 | Vulnerability · Source |
| CVE-2026-22737 | redhat_vex | Spring Framework: Spring Framework: Information disclosure via Java scripting engine enabled template views | known affected: 36 | 2026-07-02T19:10:49+00:00 | Vulnerability · Source |
| CVE-2026-11769 | redhat_vex | grafana-operator: Grafana Operator: Privilege escalation and information disclosure via path traversal in jsonnet templating. | known not affected: 4 | 2026-07-02T19:10:45+00:00 | Vulnerability · Source |
| CVE-2025-71273 | redhat_vex | kernel: wifi: rtw88: Use devm_kmemdup() in rtw_set_supported_band() | known affected: 260 known not affected: 14 | 2026-07-02T19:10:39+00:00 | Vulnerability · Source |
| CVE-2025-68471 | redhat_vex | avahi: Avahi: Denial of Service via unsolicited CNAME announcements | fixed: 3 known affected: 89 | 2026-07-02T19:10:20+00:00 | Vulnerability · Source |
| CVE-2025-61730 | redhat_vex | crypto/tls: Handshake messages may be processed at the incorrect encryption level in crypto/tls | fixed: 8 known affected: 208 | 2026-07-02T19:10:19+00:00 | Vulnerability · Source |
| CVE-2025-61723 | redhat_vex | encoding/pem: Quadratic complexity when parsing some invalid inputs in encoding/pem | fixed: 8 known affected: 355 | 2026-07-02T19:10:15+00:00 | Vulnerability · Source |
| CVE-2025-61725 | redhat_vex | net/mail: Excessive CPU consumption in ParseAddress in net/mail | fixed: 8 known affected: 240 | 2026-07-02T19:10:11+00:00 | Vulnerability · Source |
| CVE-2025-61594 | redhat_vex | uri: URI module: Credential exposure via URI + operator | fixed: 384 known affected: 11 | 2026-07-02T19:10:06+00:00 | Vulnerability · Source |
| CVE-2025-58189 | redhat_vex | crypto/tls: go crypto/tls ALPN negotiation error contains attacker controlled information | fixed: 8 known affected: 355 | 2026-07-02T19:10:05+00:00 | Vulnerability · Source |
| CVE-2025-58185 | redhat_vex | encoding/asn1: Parsing DER payload can cause memory exhaustion in encoding/asn1 | fixed: 8 known affected: 366 | 2026-07-02T19:10:04+00:00 | Vulnerability · Source |
| CVE-2026-4408 | redhat_vex | samba: Remote Code Execution in SAMR | fixed: 4194 known affected: 29 | 2026-07-02T19:05:52+00:00 | Vulnerability · Source |
| CVE-2026-3012 | redhat_vex | samba: group policy certificate enrollment uses http:// without validation | fixed: 3903 known affected: 59 | 2026-07-02T19:05:44+00:00 | Vulnerability · Source |
| CVE-2026-1933 | redhat_vex | samba: Missing access check on reparse point operations | fixed: 3903 known affected: 59 | 2026-07-02T19:05:40+00:00 | Vulnerability · Source |
| CVE-2026-45998 | redhat_vex | kernel: rxrpc: Fix potential UAF after skb_unshare() failure | fixed: 309 known affected: 108 known not affected: 90 | 2026-07-02T19:05:09+00:00 | Vulnerability · Source |
| CVE-2026-53351 | redhat_vex | kernel: riscv/ptrace: Use USER_REGSET_NOTE_TYPE for REGSET_CFI | known not affected: 274 | 2026-07-02T17:22:08+00:00 | Vulnerability · Source |
| CVE-2026-43211 | redhat_vex | kernel: PCI: Fix pci_slot_trylock() error handling | known affected: 198 known not affected: 76 | 2026-07-02T17:20:40+00:00 | Vulnerability · Source |
| CVE-2026-43148 | redhat_vex | kernel: powerpc/smp: Add check for kcalloc() failure in parse_thread_groups() | known affected: 246 known not affected: 28 | 2026-07-02T17:20:36+00:00 | Vulnerability · Source |
| CVE-2026-43123 | redhat_vex | kernel: fbcon: check return value of con2fb_acquire_newinfo() | known affected: 232 known not affected: 42 | 2026-07-02T17:20:31+00:00 | Vulnerability · Source |
| CVE-2026-43073 | redhat_vex | kernel: x86-64: rename misleadingly named '__copy_user_nocache()' function | known affected: 260 known not affected: 14 | 2026-07-02T17:20:25+00:00 | Vulnerability · Source |
| CVE-2026-43068 | redhat_vex | kernel: ext4: avoid allocate block from corrupted group in ext4_mb_find_by_goal() | known affected: 274 | 2026-07-02T17:20:21+00:00 | Vulnerability · Source |
| CVE-2026-41990 | redhat_vex | Libgcrypt: Libgcrypt: Denial of Service or data integrity issues from missing bounds check during Dilithium signing. | fixed: 3 known affected: 21 | 2026-07-02T17:20:12+00:00 | Vulnerability · Source |
| CVE-2026-41079 | redhat_vex | cups: CUPS: Information disclosure via crafted SNMP response | known affected: 41 known not affected: 1 | 2026-07-02T17:20:04+00:00 | Vulnerability · Source |
| CVE-2026-40334 | redhat_vex | libgphoto2: libgphoto2: Information disclosure and denial of service via missing null terminator | known affected: 10 | 2026-07-02T17:19:58+00:00 | Vulnerability · Source |
| CVE-2026-31897 | redhat_vex | freerdp: FreeRDP has an out-of-bounds read in `freerdp_bitmap_decompress_planar` | known affected: 31 | 2026-07-02T17:19:54+00:00 | Vulnerability · Source |
| CVE-2026-3234 | redhat_vex | mod_proxy_cluster: mod_proxy_cluster: Response body corruption via CRLF injection | known affected: 7 | 2026-07-02T17:19:46+00:00 | Vulnerability · Source |
| CVE-2026-31486 | redhat_vex | kernel: hwmon: (pmbus/core) Protect regulator operations with mutex | known affected: 232 known not affected: 42 | 2026-07-02T17:19:41+00:00 | Vulnerability · Source |
| CVE-2026-29776 | redhat_vex | freerdp: FreeRDP has an Integer Underflow in update_read_cache_bitmap_order Function of FreeRDP's Core Library | known affected: 31 | 2026-07-02T17:19:33+00:00 | Vulnerability · Source |
| CVE-2026-28753 | redhat_vex | NGINX: NGINX Plus: NGINX Open Source: NGINX Plus and NGINX Open Source: Request manipulation via header injection in SMTP upstream requests | fixed: 4 known affected: 54 | 2026-07-02T17:19:29+00:00 | Vulnerability · Source |
| CVE-2026-28422 | redhat_vex | vim: Vim: Integrity impact due to stack-buffer-overflow via wide terminal statusline rendering | known affected: 33 | 2026-07-02T17:19:24+00:00 | Vulnerability · Source |
| CVE-2026-28295 | redhat_vex | gvfs: GVfs FTP backend: Information disclosure via untrusted PASV responses | known affected: 48 | 2026-07-02T17:19:16+00:00 | Vulnerability · Source |
| CVE-2026-27171 | redhat_vex | zlib: zlib: Denial of Service via infinite loop in CRC32 combine functions | known affected: 315 known not affected: 6 | 2026-07-02T17:19:10+00:00 | Vulnerability · Source |
| CVE-2026-26269 | redhat_vex | vim: Netbeans specialKeys stack buffer overflow | known affected: 33 | 2026-07-02T17:19:04+00:00 | Vulnerability · Source |
| CVE-2026-24883 | redhat_vex | GnuPG: GnuPG: Denial of service due to specially crafted signature packet | known affected: 15 | 2026-07-02T17:18:59+00:00 | Vulnerability · Source |
| CVE-2026-24515 | redhat_vex | libexpat: libexpat null pointer dereference | known affected: 21 | 2026-07-02T17:18:51+00:00 | Vulnerability · Source |
| CVE-2026-2708 | redhat_vex | libsoup: libsoup: HTTP Request Smuggling via Duplicate Content-Length Headers | known affected: 16 | 2026-07-02T17:18:47+00:00 | Vulnerability · Source |
| CVE-2026-2443 | redhat_vex | libsoup: Out-of-Bounds Read in libsoup handle_partial_get() Leading to Heap Information Disclosure | known affected: 16 | 2026-07-02T17:18:43+00:00 | Vulnerability · Source |
| CVE-2026-22036 | redhat_vex | undici: Undici: Denial of Service via excessive decompression steps | fixed: 1 known affected: 90 known not affected: 2 | 2026-07-02T17:18:28+00:00 | Vulnerability · Source |
| CVE-2026-21725 | redhat_vex | grafana: Grafana: Unauthorized data source deletion via time-of-create-to-time-of-use (TOCTOU) vulnerability | known affected: 23 | 2026-07-02T17:18:25+00:00 | Vulnerability · Source |
| CVE-2026-2239 | redhat_vex | gimp: GIMP: Application crash (DoS) via crafted PSD file due to heap-buffer-overflow | known affected: 26 | 2026-07-02T17:18:15+00:00 | Vulnerability · Source |