VEX records

Browse vendor VEX statements available in this Vulnerability-Lookup instance and pivot to the related vulnerability.

Reset

222278 VEX records

API response
Vulnerability Source Title Product status Imported Links
CVE-2026-46102 redhat_vex kernel: net: strparser: fix skb_head leak in strp_abort_strp() known affected: 232 known not affected: 42 2026-07-02T19:16:43+00:00 Vulnerability · Source
CVE-2026-46079 redhat_vex kernel: rbd: fix null-ptr-deref when device_add_disk() fails known affected: 184 known not affected: 90 2026-07-02T19:16:41+00:00 Vulnerability · Source
CVE-2026-46078 redhat_vex kernel: erofs: fix the out-of-bounds nameoff handling for trailing dirents known affected: 184 known not affected: 90 2026-07-02T19:16:38+00:00 Vulnerability · Source
CVE-2026-46070 redhat_vex kernel: md/raid5: validate payload size before accessing journal metadata known affected: 260 known not affected: 14 2026-07-02T19:16:36+00:00 Vulnerability · Source
CVE-2026-46065 redhat_vex kernel: fbdev: defio: Disconnect deferred I/O from the lifetime of struct fb_info known affected: 232 known not affected: 42 2026-07-02T19:16:31+00:00 Vulnerability · Source
CVE-2026-45130 redhat_vex vim: Vim: Heap buffer overflow allows arbitrary code execution or denial of service known affected: 33 2026-07-02T19:16:30+00:00 Vulnerability · Source
CVE-2026-43427 redhat_vex kernel: usb: class: cdc-wdm: fix reordering issue in read code path known affected: 274 2026-07-02T19:16:28+00:00 Vulnerability · Source
CVE-2026-31666 redhat_vex kernel: btrfs: fix incorrect return value after changing leaf in lookup_extent_data_ref() known affected: 260 known not affected: 14 2026-07-02T19:11:11+00:00 Vulnerability · Source
CVE-2026-24137 redhat_vex github.com/sigstore/sigstore: sigstore legacy TUF client allows for arbitrary file writes with target cache path traversal known affected: 170 2026-07-02T19:11:09+00:00 Vulnerability · Source
CVE-2026-23276 redhat_vex kernel: net: add xmit recursion limit to tunnel xmit functions known affected: 274 2026-07-02T19:11:02+00:00 Vulnerability · Source
CVE-2026-23262 redhat_vex kernel: gve: Fix stats report corruption on queue count change known affected: 232 known not affected: 42 2026-07-02T19:10:58+00:00 Vulnerability · Source
CVE-2026-22737 redhat_vex Spring Framework: Spring Framework: Information disclosure via Java scripting engine enabled template views known affected: 36 2026-07-02T19:10:49+00:00 Vulnerability · Source
CVE-2026-11769 redhat_vex grafana-operator: Grafana Operator: Privilege escalation and information disclosure via path traversal in jsonnet templating. known not affected: 4 2026-07-02T19:10:45+00:00 Vulnerability · Source
CVE-2025-71273 redhat_vex kernel: wifi: rtw88: Use devm_kmemdup() in rtw_set_supported_band() known affected: 260 known not affected: 14 2026-07-02T19:10:39+00:00 Vulnerability · Source
CVE-2025-68471 redhat_vex avahi: Avahi: Denial of Service via unsolicited CNAME announcements fixed: 3 known affected: 89 2026-07-02T19:10:20+00:00 Vulnerability · Source
CVE-2025-61730 redhat_vex crypto/tls: Handshake messages may be processed at the incorrect encryption level in crypto/tls fixed: 8 known affected: 208 2026-07-02T19:10:19+00:00 Vulnerability · Source
CVE-2025-61723 redhat_vex encoding/pem: Quadratic complexity when parsing some invalid inputs in encoding/pem fixed: 8 known affected: 355 2026-07-02T19:10:15+00:00 Vulnerability · Source
CVE-2025-61725 redhat_vex net/mail: Excessive CPU consumption in ParseAddress in net/mail fixed: 8 known affected: 240 2026-07-02T19:10:11+00:00 Vulnerability · Source
CVE-2025-61594 redhat_vex uri: URI module: Credential exposure via URI + operator fixed: 384 known affected: 11 2026-07-02T19:10:06+00:00 Vulnerability · Source
CVE-2025-58189 redhat_vex crypto/tls: go crypto/tls ALPN negotiation error contains attacker controlled information fixed: 8 known affected: 355 2026-07-02T19:10:05+00:00 Vulnerability · Source
CVE-2025-58185 redhat_vex encoding/asn1: Parsing DER payload can cause memory exhaustion in encoding/asn1 fixed: 8 known affected: 366 2026-07-02T19:10:04+00:00 Vulnerability · Source
CVE-2026-4408 redhat_vex samba: Remote Code Execution in SAMR fixed: 4194 known affected: 29 2026-07-02T19:05:52+00:00 Vulnerability · Source
CVE-2026-3012 redhat_vex samba: group policy certificate enrollment uses http:// without validation fixed: 3903 known affected: 59 2026-07-02T19:05:44+00:00 Vulnerability · Source
CVE-2026-1933 redhat_vex samba: Missing access check on reparse point operations fixed: 3903 known affected: 59 2026-07-02T19:05:40+00:00 Vulnerability · Source
CVE-2026-45998 redhat_vex kernel: rxrpc: Fix potential UAF after skb_unshare() failure fixed: 309 known affected: 108 known not affected: 90 2026-07-02T19:05:09+00:00 Vulnerability · Source
CVE-2026-53351 redhat_vex kernel: riscv/ptrace: Use USER_REGSET_NOTE_TYPE for REGSET_CFI known not affected: 274 2026-07-02T17:22:08+00:00 Vulnerability · Source
CVE-2026-43211 redhat_vex kernel: PCI: Fix pci_slot_trylock() error handling known affected: 198 known not affected: 76 2026-07-02T17:20:40+00:00 Vulnerability · Source
CVE-2026-43148 redhat_vex kernel: powerpc/smp: Add check for kcalloc() failure in parse_thread_groups() known affected: 246 known not affected: 28 2026-07-02T17:20:36+00:00 Vulnerability · Source
CVE-2026-43123 redhat_vex kernel: fbcon: check return value of con2fb_acquire_newinfo() known affected: 232 known not affected: 42 2026-07-02T17:20:31+00:00 Vulnerability · Source
CVE-2026-43073 redhat_vex kernel: x86-64: rename misleadingly named '__copy_user_nocache()' function known affected: 260 known not affected: 14 2026-07-02T17:20:25+00:00 Vulnerability · Source
CVE-2026-43068 redhat_vex kernel: ext4: avoid allocate block from corrupted group in ext4_mb_find_by_goal() known affected: 274 2026-07-02T17:20:21+00:00 Vulnerability · Source
CVE-2026-41990 redhat_vex Libgcrypt: Libgcrypt: Denial of Service or data integrity issues from missing bounds check during Dilithium signing. fixed: 3 known affected: 21 2026-07-02T17:20:12+00:00 Vulnerability · Source
CVE-2026-41079 redhat_vex cups: CUPS: Information disclosure via crafted SNMP response known affected: 41 known not affected: 1 2026-07-02T17:20:04+00:00 Vulnerability · Source
CVE-2026-40334 redhat_vex libgphoto2: libgphoto2: Information disclosure and denial of service via missing null terminator known affected: 10 2026-07-02T17:19:58+00:00 Vulnerability · Source
CVE-2026-31897 redhat_vex freerdp: FreeRDP has an out-of-bounds read in `freerdp_bitmap_decompress_planar` known affected: 31 2026-07-02T17:19:54+00:00 Vulnerability · Source
CVE-2026-3234 redhat_vex mod_proxy_cluster: mod_proxy_cluster: Response body corruption via CRLF injection known affected: 7 2026-07-02T17:19:46+00:00 Vulnerability · Source
CVE-2026-31486 redhat_vex kernel: hwmon: (pmbus/core) Protect regulator operations with mutex known affected: 232 known not affected: 42 2026-07-02T17:19:41+00:00 Vulnerability · Source
CVE-2026-29776 redhat_vex freerdp: FreeRDP has an Integer Underflow in update_read_cache_bitmap_order Function of FreeRDP's Core Library known affected: 31 2026-07-02T17:19:33+00:00 Vulnerability · Source
CVE-2026-28753 redhat_vex NGINX: NGINX Plus: NGINX Open Source: NGINX Plus and NGINX Open Source: Request manipulation via header injection in SMTP upstream requests fixed: 4 known affected: 54 2026-07-02T17:19:29+00:00 Vulnerability · Source
CVE-2026-28422 redhat_vex vim: Vim: Integrity impact due to stack-buffer-overflow via wide terminal statusline rendering known affected: 33 2026-07-02T17:19:24+00:00 Vulnerability · Source
CVE-2026-28295 redhat_vex gvfs: GVfs FTP backend: Information disclosure via untrusted PASV responses known affected: 48 2026-07-02T17:19:16+00:00 Vulnerability · Source
CVE-2026-27171 redhat_vex zlib: zlib: Denial of Service via infinite loop in CRC32 combine functions known affected: 315 known not affected: 6 2026-07-02T17:19:10+00:00 Vulnerability · Source
CVE-2026-26269 redhat_vex vim: Netbeans specialKeys stack buffer overflow known affected: 33 2026-07-02T17:19:04+00:00 Vulnerability · Source
CVE-2026-24883 redhat_vex GnuPG: GnuPG: Denial of service due to specially crafted signature packet known affected: 15 2026-07-02T17:18:59+00:00 Vulnerability · Source
CVE-2026-24515 redhat_vex libexpat: libexpat null pointer dereference known affected: 21 2026-07-02T17:18:51+00:00 Vulnerability · Source
CVE-2026-2708 redhat_vex libsoup: libsoup: HTTP Request Smuggling via Duplicate Content-Length Headers known affected: 16 2026-07-02T17:18:47+00:00 Vulnerability · Source
CVE-2026-2443 redhat_vex libsoup: Out-of-Bounds Read in libsoup handle_partial_get() Leading to Heap Information Disclosure known affected: 16 2026-07-02T17:18:43+00:00 Vulnerability · Source
CVE-2026-22036 redhat_vex undici: Undici: Denial of Service via excessive decompression steps fixed: 1 known affected: 90 known not affected: 2 2026-07-02T17:18:28+00:00 Vulnerability · Source
CVE-2026-21725 redhat_vex grafana: Grafana: Unauthorized data source deletion via time-of-create-to-time-of-use (TOCTOU) vulnerability known affected: 23 2026-07-02T17:18:25+00:00 Vulnerability · Source
CVE-2026-2239 redhat_vex gimp: GIMP: Application crash (DoS) via crafted PSD file due to heap-buffer-overflow known affected: 26 2026-07-02T17:18:15+00:00 Vulnerability · Source