VEX records
Browse vendor VEX statements available in this Vulnerability-Lookup instance and pivot to the related vulnerability.
222278 VEX records
API response| Vulnerability | Source | Title | Product status | Imported | Links |
|---|---|---|---|---|---|
| CVE-2026-2239 | redhat_vex | gimp: GIMP: Application crash (DoS) via crafted PSD file due to heap-buffer-overflow | known affected: 26 | 2026-07-02T17:18:15+00:00 | Vulnerability · Source |
| CVE-2026-2243 | redhat_vex | qemu-kvm: Heap buffer out-of-bounds read in VMDK compressed grain parsing | known affected: 82 | 2026-07-02T17:18:15+00:00 | Vulnerability · Source |
| CVE-2026-1801 | redhat_vex | libsoup: libsoup: HTTP Request Smuggling via malformed chunk headers | known affected: 16 | 2026-07-02T17:18:09+00:00 | Vulnerability · Source |
| CVE-2026-1485 | redhat_vex | Glib: Glib: Local denial of service via buffer underflow in content type parsing | known affected: 70 | 2026-07-02T17:18:02+00:00 | Vulnerability · Source |
| CVE-2026-0992 | redhat_vex | libxml2: libxml2: Denial of Service via crafted XML catalogs | fixed: 3 known affected: 25 | 2026-07-02T17:17:57+00:00 | Vulnerability · Source |
| CVE-2026-0989 | redhat_vex | libxml2: Unbounded RelaxNG Include Recursion Leading to Stack Overflow | fixed: 3 known affected: 25 | 2026-07-02T17:17:54+00:00 | Vulnerability · Source |
| CVE-2026-0988 | redhat_vex | glib: GLib: Denial of Service via Integer Overflow in g_buffered_input_stream_peek() | fixed: 3 known affected: 70 | 2026-07-02T17:17:52+00:00 | Vulnerability · Source |
| CVE-2026-0968 | redhat_vex | libssh: libssh: Denial of Service due to malformed SFTP message | fixed: 58 known affected: 5 known not affected: 9 | 2026-07-02T17:17:47+00:00 | Vulnerability · Source |
| CVE-2026-0967 | redhat_vex | libssh: libssh: Denial of Service via inefficient regular expression processing | fixed: 58 known affected: 5 known not affected: 9 | 2026-07-02T17:17:45+00:00 | Vulnerability · Source |
| CVE-2026-0965 | redhat_vex | libssh: libssh: Denial of Service via improper configuration file handling | fixed: 58 known affected: 5 known not affected: 9 | 2026-07-02T17:17:44+00:00 | Vulnerability · Source |
| CVE-2025-31648 | redhat_vex | microcode_ctl: From CVEorg collector | known affected: 9 | 2026-07-02T17:17:35+00:00 | Vulnerability · Source |
| CVE-2025-11961 | redhat_vex | libpcap: libpcap: Memory corruption via malformed MAC-48 address input | known affected: 12 | 2026-07-02T17:17:34+00:00 | Vulnerability · Source |
| CVE-2025-11143 | redhat_vex | org.eclipse.jetty/jetty-http: org.eclipse.jetty: Security bypass due to differential URI parsing | fixed: 2 known affected: 33 known not affected: 2 | 2026-07-02T17:17:31+00:00 | Vulnerability · Source |
| CVE-2026-9076 | redhat_vex | openssl: OpenSSL: Denial of Service due to heap out-of-bounds read in CMS password-based decryption | fixed: 100 known affected: 51 known not affected: 1 | 2026-07-02T17:17:30+00:00 | Vulnerability · Source |
| CVE-2026-47778 | redhat_vex | envoy: Envoy: Information disclosure via malicious certificate with NUL byte in DNS Subject Alternative Name (SAN) | known affected: 2 | 2026-07-02T17:17:16+00:00 | Vulnerability · Source |
| CVE-2026-43204 | redhat_vex | kernel: ASoC: qcom: q6asm: drop DSP responses for closed data streams | known affected: 184 known not affected: 90 | 2026-07-02T17:17:10+00:00 | Vulnerability · Source |
| CVE-2026-43172 | redhat_vex | kernel: wifi: iwlwifi: fix 22000 series SMEM parsing | known affected: 260 known not affected: 14 | 2026-07-02T17:17:06+00:00 | Vulnerability · Source |
| CVE-2026-43150 | redhat_vex | kernel: perf/arm-cmn: Reject unsupported hardware configurations | known affected: 232 known not affected: 42 | 2026-07-02T17:16:59+00:00 | Vulnerability · Source |
| CVE-2026-43144 | redhat_vex | kernel: wifi: brcmfmac: Fix potential kernel oops when probe fails | known affected: 184 known not affected: 90 | 2026-07-02T17:16:57+00:00 | Vulnerability · Source |
| CVE-2026-43099 | redhat_vex | kernel: ipv4: icmp: fix null-ptr-deref in icmp_build_probe() | known affected: 198 known not affected: 76 | 2026-07-02T17:16:53+00:00 | Vulnerability · Source |
| CVE-2026-43070 | redhat_vex | kernel: bpf: Reset register ID for BPF_END value tracking | known affected: 260 known not affected: 14 | 2026-07-02T17:16:52+00:00 | Vulnerability · Source |
| CVE-2026-43065 | redhat_vex | kernel: ext4: always drain queued discard work in ext4_mb_release() | known affected: 198 known not affected: 76 | 2026-07-02T17:16:49+00:00 | Vulnerability · Source |
| CVE-2026-42036 | redhat_vex | axios: Axios: Denial of Service via unbounded stream consumption when 'responseType: 'stream'' is used | known affected: 85 known not affected: 4 | 2026-07-02T17:16:44+00:00 | Vulnerability · Source |
| CVE-2026-42034 | redhat_vex | axios: Axios: Denial of Service via oversized streamed uploads bypassing body limits | known affected: 85 known not affected: 4 | 2026-07-02T17:16:43+00:00 | Vulnerability · Source |
| CVE-2026-41305 | redhat_vex | postcss: PostCSS: Cross-Site Scripting (XSS) via improper escaping of style closing tags | known affected: 128 known not affected: 2 | 2026-07-02T17:16:41+00:00 | Vulnerability · Source |
| CVE-2026-41254 | redhat_vex | Little CMS: lcms2: mm2/Little-CMS: Little CMS: Information disclosure or denial of service via integer overflow in CubeSize | known affected: 261 | 2026-07-02T17:16:39+00:00 | Vulnerability · Source |
| CVE-2026-41066 | redhat_vex | lxml: python: lxml: Information disclosure via untrusted XML input leading to local file read | known affected: 32 known not affected: 3 | 2026-07-02T17:16:32+00:00 | Vulnerability · Source |
| CVE-2026-40919 | redhat_vex | gimp: GIMP: Denial of Service via specially crafted Seattle Filmworks file | known affected: 32 | 2026-07-02T17:16:30+00:00 | Vulnerability · Source |
| CVE-2026-40918 | redhat_vex | gimp: GIMP: Denial of Service via crafted PVR image file | known affected: 32 | 2026-07-02T17:16:29+00:00 | Vulnerability · Source |
| CVE-2026-40917 | redhat_vex | gimp: GIMP: Application crashes or information disclosure via crafted ICNS image files | known affected: 32 | 2026-07-02T17:16:26+00:00 | Vulnerability · Source |
| CVE-2026-40916 | redhat_vex | gimp: GIMP: Denial of Service due to stack buffer overflow in TIM image loader | known affected: 32 | 2026-07-02T17:16:24+00:00 | Vulnerability · Source |
| CVE-2026-40915 | redhat_vex | gimp: GIMP: Heap buffer overflow due to integer overflow in FITS image loader | known affected: 32 | 2026-07-02T17:16:22+00:00 | Vulnerability · Source |
| CVE-2026-40447 | redhat_vex | escargot: Escargot: Denial of Service due to integer overflow or wraparound vulnerability | known affected: 80 | 2026-07-02T17:16:21+00:00 | Vulnerability · Source |
| CVE-2026-40354 | redhat_vex | flatpak: xdg-desktop-portal: Flatpak xdg-desktop-portal: File deletion via symlink attack | known affected: 8 | 2026-07-02T17:16:18+00:00 | Vulnerability · Source |
| CVE-2026-40341 | redhat_vex | libgphoto2: libgphoto2: Denial of Service via out-of-bounds read from untrusted USB devices | known affected: 10 | 2026-07-02T17:16:16+00:00 | Vulnerability · Source |
| CVE-2026-40340 | redhat_vex | libgphoto2: libgphoto2: Information disclosure and denial of service via out-of-bounds read | known affected: 10 | 2026-07-02T17:16:14+00:00 | Vulnerability · Source |
| CVE-2026-40339 | redhat_vex | libgphoto2: libgphoto2: Information Disclosure via out-of-bounds read | known affected: 10 | 2026-07-02T17:16:12+00:00 | Vulnerability · Source |
| CVE-2026-40338 | redhat_vex | libgphoto2: libgphoto2: Information disclosure and denial of service via out-of-bounds read | known affected: 10 | 2026-07-02T17:16:10+00:00 | Vulnerability · Source |
| CVE-2026-40335 | redhat_vex | libgphoto2: libgphoto2: Information disclosure via out-of-bounds read in ptp_unpack_DPV() | known affected: 10 | 2026-07-02T17:16:08+00:00 | Vulnerability · Source |
| CVE-2026-40333 | redhat_vex | libgphoto2: libgphoto2: Information disclosure and denial of service via unbounded reads | known affected: 10 | 2026-07-02T17:16:06+00:00 | Vulnerability · Source |
| CVE-2026-40254 | redhat_vex | FreeRDP: FreeRDP: Information disclosure and arbitrary file modification via path traversal | known affected: 31 | 2026-07-02T17:16:05+00:00 | Vulnerability · Source |
| CVE-2026-39886 | redhat_vex | OpenEXR: OpenEXR: Signed integer overflow in HTJ2K decompression can lead to denial of service. | known affected: 18 | 2026-07-02T17:16:04+00:00 | Vulnerability · Source |
| CVE-2026-33555 | redhat_vex | haproxy: HAProxy: Request smuggling via HTTP/3 parser desynchronization | fixed: 3 known affected: 10 known not affected: 4 | 2026-07-02T17:15:57+00:00 | Vulnerability · Source |
| CVE-2026-33523 | redhat_vex | httpd: HTTP response splitting forwarding malicious status line | fixed: 4 known affected: 53 | 2026-07-02T17:15:55+00:00 | Vulnerability · Source |
| CVE-2026-32778 | redhat_vex | libexpat: libexpat: Denial of Service via NULL pointer dereference after out-of-memory condition | known affected: 21 | 2026-07-02T17:15:54+00:00 | Vulnerability · Source |
| CVE-2026-32775 | redhat_vex | libexif: libexif: Buffer overwrite via integer underflow in MakerNotes decoding | known affected: 17 | 2026-07-02T17:15:53+00:00 | Vulnerability · Source |
| CVE-2026-32777 | redhat_vex | libexpat: libexpat: Denial of Service via infinite loop in DTD content parsing | known affected: 21 | 2026-07-02T17:15:51+00:00 | Vulnerability · Source |
| CVE-2026-32776 | redhat_vex | libexpat: libexpat: Denial of Service due to NULL pointer dereference | known affected: 21 | 2026-07-02T17:15:50+00:00 | Vulnerability · Source |
| CVE-2026-5406 | redhat_vex | wireshark: Wireshark: Denial of Service via FC-SWILS protocol dissector crash | known affected: 20 | 2026-07-02T17:15:48+00:00 | Vulnerability · Source |
| CVE-2026-4897 | redhat_vex | polkit: Polkit: Denial of Service via unbounded input processing through standard input | known affected: 23 | 2026-07-02T17:15:44+00:00 | Vulnerability · Source |