VEX records
Browse vendor VEX statements available in this Vulnerability-Lookup instance and pivot to the related vulnerability.
222278 VEX records
API response| Vulnerability | Source | Title | Product status | Imported | Links |
|---|---|---|---|---|---|
| CVE-2026-4897 | redhat_vex | polkit: Polkit: Denial of Service via unbounded input processing through standard input | known affected: 23 | 2026-07-02T17:15:44+00:00 | Vulnerability · Source |
| CVE-2026-4867 | redhat_vex | path-to-regexp: path-to-regexp: Denial of Service via catastrophic backtracking from malformed URL parameters | fixed: 12 known affected: 102 known not affected: 85 | 2026-07-02T17:15:44+00:00 | Vulnerability · Source |
| CVE-2026-4367 | redhat_vex | libXpm: libXpm: Denial of Service via out-of-bounds read in XPM file parsing | fixed: 3 known affected: 13 | 2026-07-02T17:15:41+00:00 | Vulnerability · Source |
| CVE-2026-4426 | redhat_vex | libarchive: libarchive: Denial of Service via malformed ISO file processing | fixed: 3 known affected: 21 | 2026-07-02T17:15:40+00:00 | Vulnerability · Source |
| CVE-2026-4105 | redhat_vex | systemd: systemd: Privilege escalation via improper access control in RegisterMachine D-Bus method | fixed: 4 known affected: 131 | 2026-07-02T17:15:35+00:00 | Vulnerability · Source |
| CVE-2026-3731 | redhat_vex | libssh: libssh: Denial of Service via out-of-bounds read in SFTP extension name handler | fixed: 4 known affected: 21 | 2026-07-02T17:15:32+00:00 | Vulnerability · Source |
| CVE-2026-3634 | redhat_vex | libsoup: libsoup: HTTP header injection and response splitting via CRLF injection in Content-Type header | known affected: 16 | 2026-07-02T17:15:28+00:00 | Vulnerability · Source |
| CVE-2026-3494 | redhat_vex | MariaDB: MariaDB: Information disclosure due to unlogged SQL statements with comments | known affected: 162 | 2026-07-02T17:15:27+00:00 | Vulnerability · Source |
| CVE-2026-31680 | redhat_vex | kernel: net: ipv6: flowlabel: defer exclusive option free until RCU teardown | known affected: 260 known not affected: 14 | 2026-07-02T17:15:15+00:00 | Vulnerability · Source |
| CVE-2026-31679 | redhat_vex | kernel: openvswitch: validate MPLS set/set_masked payload length | known affected: 260 known not affected: 14 | 2026-07-02T17:15:13+00:00 | Vulnerability · Source |
| CVE-2026-31678 | redhat_vex | kernel: openvswitch: defer tunnel netdev_put to RCU release | known affected: 260 known not affected: 14 | 2026-07-02T17:15:11+00:00 | Vulnerability · Source |
| CVE-2026-31675 | redhat_vex | kernel: net/sched: sch_netem: fix out-of-bounds access in packet corruption | known affected: 260 known not affected: 14 | 2026-07-02T17:15:09+00:00 | Vulnerability · Source |
| CVE-2026-31674 | redhat_vex | kernel: netfilter: ip6t_rt: reject oversized addrnr in rt_mt6_check() | known affected: 260 known not affected: 14 | 2026-07-02T17:15:08+00:00 | Vulnerability · Source |
| CVE-2026-31673 | redhat_vex | kernel: af_unix: read UNIX_DIAG_VFS data under unix_state_lock | known affected: 260 known not affected: 14 | 2026-07-02T17:15:04+00:00 | Vulnerability · Source |
| CVE-2026-31667 | redhat_vex | kernel: Input: uinput - fix circular locking dependency with ff-core | known affected: 260 known not affected: 14 | 2026-07-02T17:15:03+00:00 | Vulnerability · Source |
| CVE-2026-31665 | redhat_vex | kernel: netfilter: nft_ct: fix use-after-free in timeout object destroy | known affected: 260 known not affected: 14 | 2026-07-02T17:15:01+00:00 | Vulnerability · Source |
| CVE-2026-31662 | redhat_vex | kernel: tipc: fix bc_ackers underflow on duplicate GRP_ACK_MSG | known affected: 260 known not affected: 14 | 2026-07-02T17:14:58+00:00 | Vulnerability · Source |
| CVE-2026-31649 | redhat_vex | kernel: net: stmmac: fix integer underflow in chain mode | known affected: 232 known not affected: 42 | 2026-07-02T17:14:57+00:00 | Vulnerability · Source |
| CVE-2026-31648 | redhat_vex | kernel: mm: filemap: fix nr_pages calculation overflow in filemap_map_pages() | known affected: 260 known not affected: 14 | 2026-07-02T17:14:54+00:00 | Vulnerability · Source |
| CVE-2026-31638 | redhat_vex | kernel: rxrpc: Only put the call ref if one was acquired | known affected: 184 known not affected: 90 | 2026-07-02T17:14:52+00:00 | Vulnerability · Source |
| CVE-2026-31637 | redhat_vex | kernel: rxrpc: reject undecryptable rxkad response tickets | known affected: 260 known not affected: 14 | 2026-07-02T17:14:50+00:00 | Vulnerability · Source |
| CVE-2026-31633 | redhat_vex | kernel: rxrpc: Fix integer overflow in rxgk_verify_response() | known affected: 260 known not affected: 14 | 2026-07-02T17:14:47+00:00 | Vulnerability · Source |
| CVE-2026-31631 | redhat_vex | kernel: rxrpc: Fix buffer overread in rxgk_do_verify_authenticator() | known affected: 260 known not affected: 14 | 2026-07-02T17:14:46+00:00 | Vulnerability · Source |
| CVE-2026-31609 | redhat_vex | kernel: smb: client: avoid double-free in smbd_free_send_io() after smbd_send_batch_flush() | known affected: 260 known not affected: 14 | 2026-07-02T17:14:42+00:00 | Vulnerability · Source |
| CVE-2026-31630 | redhat_vex | kernel: rxrpc: proc: size address buffers for %pISpc output | known affected: 260 known not affected: 14 | 2026-07-02T17:14:42+00:00 | Vulnerability · Source |
| CVE-2026-31600 | redhat_vex | kernel: arm64: mm: Handle invalid large leaf mappings correctly | known affected: 260 known not affected: 14 | 2026-07-02T17:14:41+00:00 | Vulnerability · Source |
| CVE-2026-31588 | redhat_vex | kernel: KVM: x86: Use scratch field in MMIO fragment to hold small write values | known affected: 260 known not affected: 14 | 2026-07-02T17:14:37+00:00 | Vulnerability · Source |
| CVE-2026-31570 | redhat_vex | kernel: can: gw: fix OOB heap access in cgw_csum_crc8_rel() | known affected: 260 known not affected: 14 | 2026-07-02T17:14:36+00:00 | Vulnerability · Source |
| CVE-2026-31557 | redhat_vex | kernel: nvmet: move async event work off nvmet-wq | known affected: 260 known not affected: 14 | 2026-07-02T17:14:32+00:00 | Vulnerability · Source |
| CVE-2026-31548 | redhat_vex | kernel: wifi: cfg80211: cancel pmsr_free_wk in cfg80211_pmsr_wdev_down | known affected: 232 known not affected: 42 | 2026-07-02T17:14:30+00:00 | Vulnerability · Source |
| CVE-2026-31533 | redhat_vex | kernel: net/tls: fix use-after-free in -EBUSY error path of tls_do_encryption | known affected: 260 known not affected: 14 | 2026-07-02T17:14:27+00:00 | Vulnerability · Source |
| CVE-2026-31528 | redhat_vex | kernel: perf: Make sure to use pmu_ctx->pmu for groups | known affected: 260 known not affected: 14 | 2026-07-02T17:14:25+00:00 | Vulnerability · Source |
| CVE-2026-31525 | redhat_vex | kernel: bpf: Fix undefined behavior in interpreter sdiv/smod for INT_MIN | known affected: 184 known not affected: 90 | 2026-07-02T17:14:22+00:00 | Vulnerability · Source |
| CVE-2026-31516 | redhat_vex | kernel: xfrm: prevent policy_hthresh.work from racing with netns teardown | known affected: 274 | 2026-07-02T17:14:22+00:00 | Vulnerability · Source |
| CVE-2026-31513 | redhat_vex | kernel: Bluetooth: L2CAP: Fix stack-out-of-bounds read in l2cap_ecred_conn_req | known affected: 260 known not affected: 14 | 2026-07-02T17:14:21+00:00 | Vulnerability · Source |
| CVE-2026-31511 | redhat_vex | kernel: Bluetooth: MGMT: Fix dangling pointer on mgmt_add_adv_patterns_monitor_complete | known affected: 260 known not affected: 14 | 2026-07-02T17:14:17+00:00 | Vulnerability · Source |
| CVE-2026-31505 | redhat_vex | kernel: iavf: fix out-of-bounds writes in iavf_get_ethtool_stats() | known affected: 260 known not affected: 14 | 2026-07-02T17:14:16+00:00 | Vulnerability · Source |
| CVE-2026-31507 | redhat_vex | kernel: net/smc: fix double-free of smc_spd_priv when tee() duplicates splice pipe buffer | known affected: 260 known not affected: 14 | 2026-07-02T17:14:16+00:00 | Vulnerability · Source |
| CVE-2026-31504 | redhat_vex | kernel: net: fix fanout UAF in packet_release() via NETDEV_UP race | known affected: 260 known not affected: 14 | 2026-07-02T17:14:11+00:00 | Vulnerability · Source |
| CVE-2026-31479 | redhat_vex | kernel: drm/xe: always keep track of remap prev/next | known affected: 184 known not affected: 90 | 2026-07-02T17:14:07+00:00 | Vulnerability · Source |
| CVE-2026-31502 | redhat_vex | kernel: team: fix header_ops type confusion with non-Ethernet ports | known affected: 108 known not affected: 166 | 2026-07-02T17:14:07+00:00 | Vulnerability · Source |
| CVE-2026-31473 | redhat_vex | kernel: media: mc, v4l2: serialize REINIT and REQBUFS with req_queue_mutex | known affected: 260 known not affected: 14 | 2026-07-02T17:14:03+00:00 | Vulnerability · Source |
| CVE-2026-31470 | redhat_vex | kernel: virt: tdx-guest: Fix handling of host controlled 'quote' buffer length | known affected: 260 known not affected: 14 | 2026-07-02T17:14:01+00:00 | Vulnerability · Source |
| CVE-2026-31469 | redhat_vex | kernel: virtio_net: Fix UAF on dst_ops when IFF_XMIT_DST_RELEASE is cleared and napi_tx is false | known affected: 260 known not affected: 14 | 2026-07-02T17:13:58+00:00 | Vulnerability · Source |
| CVE-2026-31468 | redhat_vex | kernel: vfio/pci: Fix double free in dma-buf feature | known affected: 260 known not affected: 14 | 2026-07-02T17:13:57+00:00 | Vulnerability · Source |
| CVE-2026-31464 | redhat_vex | kernel: scsi: ibmvfc: Fix OOB access in ibmvfc_discover_targets_done() | known affected: 260 known not affected: 14 | 2026-07-02T17:13:54+00:00 | Vulnerability · Source |
| CVE-2026-31454 | redhat_vex | kernel: xfs: save ailp before dropping the AIL lock in push callbacks | known affected: 260 known not affected: 14 | 2026-07-02T17:13:53+00:00 | Vulnerability · Source |
| CVE-2026-31453 | redhat_vex | kernel: xfs: avoid dereferencing log items after push callbacks | known affected: 260 known not affected: 14 | 2026-07-02T17:13:50+00:00 | Vulnerability · Source |
| CVE-2026-31450 | redhat_vex | kernel: ext4: publish jinode after initialization | known affected: 260 known not affected: 14 | 2026-07-02T17:13:49+00:00 | Vulnerability · Source |
| CVE-2026-31449 | redhat_vex | kernel: ext4: validate p_idx bounds in ext4_ext_correct_indexes | known affected: 260 known not affected: 14 | 2026-07-02T17:13:45+00:00 | Vulnerability · Source |