VEX records
Browse vendor VEX statements available in this Vulnerability-Lookup instance and pivot to the related vulnerability.
222278 VEX records
API response| Vulnerability | Source | Title | Product status | Imported | Links |
|---|---|---|---|---|---|
| CVE-2026-31448 | redhat_vex | kernel: ext4: avoid infinite loops caused by residual data | known affected: 260 known not affected: 14 | 2026-07-02T17:13:44+00:00 | Vulnerability · Source |
| CVE-2026-31447 | redhat_vex | kernel: ext4: reject mount if bigalloc with s_first_data_block != 0 | known affected: 274 | 2026-07-02T17:13:42+00:00 | Vulnerability · Source |
| CVE-2026-31446 | redhat_vex | kernel: ext4: fix use-after-free in update_super_work when racing with umount | known affected: 260 known not affected: 14 | 2026-07-02T17:13:40+00:00 | Vulnerability · Source |
| CVE-2026-31442 | redhat_vex | kernel: dmaengine: idxd: Fix possible invalid memory access after FLR | known affected: 184 known not affected: 90 | 2026-07-02T17:13:39+00:00 | Vulnerability · Source |
| CVE-2026-31436 | redhat_vex | kernel: dmaengine: idxd: fix possible wrong descriptor completion in llist_abort_desc() | known affected: 260 known not affected: 14 | 2026-07-02T17:13:37+00:00 | Vulnerability · Source |
| CVE-2026-31426 | redhat_vex | kernel: ACPI: EC: clean up handlers on probe failure in acpi_ec_setup() | known affected: 246 known not affected: 28 | 2026-07-02T17:13:34+00:00 | Vulnerability · Source |
| CVE-2026-31414 | redhat_vex | kernel: Linux kernel (netfilter): Denial of Service via unsafe connection tracking helper operations | known affected: 274 | 2026-07-02T17:13:32+00:00 | Vulnerability · Source |
| CVE-2026-28755 | redhat_vex | NGINX: NGINX: Certificate revocation bypass when OCSP is enabled | fixed: 4 known affected: 54 | 2026-07-02T17:13:30+00:00 | Vulnerability · Source |
| CVE-2026-28420 | redhat_vex | vim: Vim: Information disclosure and denial of service via crafted Unicode characters in terminal emulator | known affected: 33 | 2026-07-02T17:13:27+00:00 | Vulnerability · Source |
| CVE-2026-28418 | redhat_vex | vim: Vim: Information disclosure via heap-based buffer overflow in Emacs-style tags file parsing | known affected: 33 | 2026-07-02T17:13:25+00:00 | Vulnerability · Source |
| CVE-2026-28419 | redhat_vex | vim: Vim: Information disclosure and denial of service via malformed tags file | known affected: 33 | 2026-07-02T17:13:25+00:00 | Vulnerability · Source |
| CVE-2026-28296 | redhat_vex | gvfs: FTP GVfs backend: Arbitrary FTP command injection via CRLF sequences in file paths | known affected: 48 | 2026-07-02T17:13:21+00:00 | Vulnerability · Source |
| CVE-2026-25941 | redhat_vex | freerdp: FreeRDP: Information disclosure or client crash via out-of-bounds read in RDPGFX channel | known affected: 31 | 2026-07-02T17:13:18+00:00 | Vulnerability · Source |
| CVE-2026-25645 | redhat_vex | requests: Requests: Security bypass due to predictable temporary file creation | known affected: 291 | 2026-07-02T17:13:17+00:00 | Vulnerability · Source |
| CVE-2026-24401 | redhat_vex | avahi: Avahi: Denial of Service via recursive CNAME record in mDNS response | fixed: 3 known affected: 89 | 2026-07-02T17:13:13+00:00 | Vulnerability · Source |
| CVE-2026-23865 | redhat_vex | freetype: Information disclosure or denial of service via specially crafted font files | fixed: 3231 known affected: 91 known not affected: 8 | 2026-07-02T17:13:06+00:00 | Vulnerability · Source |
| CVE-2026-2625 | redhat_vex | rust-rpm-sequoia: rust-rpm-sequoia: Denial of Service via crafted RPM file during signature verification | fixed: 3 known affected: 4 | 2026-07-02T17:13:04+00:00 | Vulnerability · Source |
| CVE-2026-2604 | redhat_vex | evolution-data-server: Evolution Data Server: Arbitrary file deletion via inconsistent URI handling | known affected: 32 | 2026-07-02T17:13:00+00:00 | Vulnerability · Source |
| CVE-2026-2581 | redhat_vex | undici: Undici: Denial of Service due to uncontrolled resource consumption | fixed: 111 known affected: 59 | 2026-07-02T17:12:59+00:00 | Vulnerability · Source |
| CVE-2026-2436 | redhat_vex | libsoup: libsoup: Denial of Service via use-after-free in SoupServer during TLS handshake | known affected: 16 | 2026-07-02T17:12:58+00:00 | Vulnerability · Source |
| CVE-2026-23395 | redhat_vex | kernel: Bluetooth: L2CAP: Fix accepting multiple L2CAP_ECRED_CONN_REQ | known affected: 232 known not affected: 42 | 2026-07-02T17:12:40+00:00 | Vulnerability · Source |
| CVE-2026-23391 | redhat_vex | kernel: netfilter: xt_CT: drop pending enqueued packets on template removal | known affected: 274 | 2026-07-02T17:12:39+00:00 | Vulnerability · Source |
| CVE-2026-23351 | redhat_vex | kernel: netfilter: nft_set_pipapo: split gc into unlink and reclaim phase | known affected: 232 known not affected: 42 | 2026-07-02T17:12:36+00:00 | Vulnerability · Source |
| CVE-2026-23340 | redhat_vex | kernel: net: sched: avoid qdisc_reset_all_tx_gt() vs dequeue race for lockless qdiscs | known affected: 246 known not affected: 28 | 2026-07-02T17:12:34+00:00 | Vulnerability · Source |
| CVE-2026-23336 | redhat_vex | kernel: wifi: cfg80211: cancel rfkill_block work in wiphy_unregister() | known affected: 274 | 2026-07-02T17:12:33+00:00 | Vulnerability · Source |
| CVE-2026-23317 | redhat_vex | kernel: drm/vmwgfx: Return the correct value in vmw_translate_ptr functions | known affected: 246 known not affected: 28 | 2026-07-02T17:12:31+00:00 | Vulnerability · Source |
| CVE-2026-23278 | redhat_vex | kernel: netfilter: nf_tables: always walk all pending catchall elements | known affected: 184 known not affected: 90 | 2026-07-02T17:12:29+00:00 | Vulnerability · Source |
| CVE-2026-23274 | redhat_vex | kernel: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels | known affected: 184 known not affected: 90 | 2026-07-02T17:12:26+00:00 | Vulnerability · Source |
| CVE-2026-23272 | redhat_vex | kernel: netfilter: nf_tables: unconditionally bump set->nelems before insertion | known affected: 232 known not affected: 42 | 2026-07-02T17:12:24+00:00 | Vulnerability · Source |
| CVE-2026-23271 | redhat_vex | kernel: perf: Fix __perf_event_overflow() vs perf_remove_from_context() race | known affected: 274 | 2026-07-02T17:12:22+00:00 | Vulnerability · Source |
| CVE-2026-23248 | redhat_vex | kernel: perf/core: Fix refcount bug and potential UAF in perf_mmap | known affected: 274 | 2026-07-02T17:12:20+00:00 | Vulnerability · Source |
| CVE-2026-23242 | redhat_vex | kernel: RDMA/siw: Fix potential NULL pointer dereference in header processing | known affected: 156 known not affected: 118 | 2026-07-02T17:12:12+00:00 | Vulnerability · Source |
| CVE-2026-23240 | redhat_vex | kernel: Linux kernel: Denial of service due to a race condition in the TLS subsystem | known affected: 230 known not affected: 44 | 2026-07-02T17:12:11+00:00 | Vulnerability · Source |
| CVE-2026-23239 | redhat_vex | kernel: Kernel: Race condition in espintcp can lead to denial of service | known affected: 232 known not affected: 42 | 2026-07-02T17:12:08+00:00 | Vulnerability · Source |
| CVE-2026-23230 | redhat_vex | kernel: Linux kernel: Denial of Service in SMB client due to race condition | known affected: 184 known not affected: 90 | 2026-07-02T17:12:06+00:00 | Vulnerability · Source |
| CVE-2026-23178 | redhat_vex | kernel: HID: i2c-hid: fix potential buffer overflow in i2c_hid_get_report() | known affected: 232 known not affected: 42 | 2026-07-02T17:12:04+00:00 | Vulnerability · Source |
| CVE-2026-23148 | redhat_vex | kernel: nvmet: fix race in nvmet_bio_done() leading to NULL pointer dereference | known affected: 184 known not affected: 90 | 2026-07-02T17:12:02+00:00 | Vulnerability · Source |
| CVE-2026-23112 | redhat_vex | kernel: nvmet-tcp: add bounds checks in nvmet_tcp_build_pdu_iovec | known affected: 232 known not affected: 42 | 2026-07-02T17:11:59+00:00 | Vulnerability · Source |
| CVE-2026-22791 | redhat_vex | openCryptoki: openCryptoki: Denial of Service and heap corruption via heap buffer overflow | known affected: 18 known not affected: 22 | 2026-07-02T17:11:56+00:00 | Vulnerability · Source |
| CVE-2026-22741 | redhat_vex | Spring MVC: Spring WebFlux: Spring MVC and Spring WebFlux: Denial of Service via cache poisoning | known affected: 36 | 2026-07-02T17:11:52+00:00 | Vulnerability · Source |
| CVE-2026-22693 | redhat_vex | harfbuzz: Null Pointer Dereference in harfbuzz | fixed: 3 known affected: 214 | 2026-07-02T17:11:49+00:00 | Vulnerability · Source |
| CVE-2026-2272 | redhat_vex | gimp: GIMP: Memory corruption due to integer overflow in ICO file handling | known affected: 32 | 2026-07-02T17:11:47+00:00 | Vulnerability · Source |
| CVE-2026-21722 | redhat_vex | grafana: Public Dashboards time range restriction on annotations can be bypassed | known affected: 6 known not affected: 15 | 2026-07-02T17:11:46+00:00 | Vulnerability · Source |
| CVE-2026-2271 | redhat_vex | gimp: GIMP: Denial of service via crafted PSP image file | known affected: 32 | 2026-07-02T17:11:40+00:00 | Vulnerability · Source |
| CVE-2026-2003 | redhat_vex | postgresql: PostgreSQL oidvector discloses a few bytes of memory | fixed: 2093 known affected: 84 known not affected: 6 | 2026-07-02T17:11:40+00:00 | Vulnerability · Source |
| CVE-2026-1940 | redhat_vex | gstreamer: incomplete fix of CVE-2026-1940 | known affected: 22 | 2026-07-02T17:11:35+00:00 | Vulnerability · Source |
| CVE-2026-1767 | redhat_vex | localsearch: tracker-miners: GNOME localsearch MP3 Extractor: Heap buffer overflow leading to denial of service or information disclosure via malformed MP3 ID3 tags | known affected: 5 | 2026-07-02T17:11:34+00:00 | Vulnerability · Source |
| CVE-2026-1765 | redhat_vex | localsearch: tracker-miners: GNOME localsearch MP3 Extractor: Denial of Service and potential information disclosure via crafted MP3 files | known affected: 5 | 2026-07-02T17:11:33+00:00 | Vulnerability · Source |
| CVE-2026-1766 | redhat_vex | localsearch: tracker-miners: GNOME localsearch MP3 Extractor: Denial of Service and information disclosure via malformed MP3 files. | known affected: 5 | 2026-07-02T17:11:31+00:00 | Vulnerability · Source |
| CVE-2026-1764 | redhat_vex | localsearch: tracker-miners: GNOME localsearch MP3 Extractor: Heap buffer overflow leads to denial of service or information disclosure when parsing MP3 files | known affected: 5 | 2026-07-02T17:11:27+00:00 | Vulnerability · Source |