VEX records
Browse vendor VEX statements available in this Vulnerability-Lookup instance and pivot to the related vulnerability.
222278 VEX records
API response| Vulnerability | Source | Title | Product status | Imported | Links |
|---|---|---|---|---|---|
| CVE-2026-22693 | redhat_vex | harfbuzz: Null Pointer Dereference in harfbuzz | fixed: 3 known affected: 214 | 2026-07-02T17:11:49+00:00 | Vulnerability · Source |
| CVE-2026-2272 | redhat_vex | gimp: GIMP: Memory corruption due to integer overflow in ICO file handling | known affected: 32 | 2026-07-02T17:11:47+00:00 | Vulnerability · Source |
| CVE-2026-21722 | redhat_vex | grafana: Public Dashboards time range restriction on annotations can be bypassed | known affected: 6 known not affected: 15 | 2026-07-02T17:11:46+00:00 | Vulnerability · Source |
| CVE-2026-2271 | redhat_vex | gimp: GIMP: Denial of service via crafted PSP image file | known affected: 32 | 2026-07-02T17:11:40+00:00 | Vulnerability · Source |
| CVE-2026-2003 | redhat_vex | postgresql: PostgreSQL oidvector discloses a few bytes of memory | fixed: 2093 known affected: 84 known not affected: 6 | 2026-07-02T17:11:40+00:00 | Vulnerability · Source |
| CVE-2026-1940 | redhat_vex | gstreamer: incomplete fix of CVE-2026-1940 | known affected: 22 | 2026-07-02T17:11:35+00:00 | Vulnerability · Source |
| CVE-2026-1767 | redhat_vex | localsearch: tracker-miners: GNOME localsearch MP3 Extractor: Heap buffer overflow leading to denial of service or information disclosure via malformed MP3 ID3 tags | known affected: 5 | 2026-07-02T17:11:34+00:00 | Vulnerability · Source |
| CVE-2026-1765 | redhat_vex | localsearch: tracker-miners: GNOME localsearch MP3 Extractor: Denial of Service and potential information disclosure via crafted MP3 files | known affected: 5 | 2026-07-02T17:11:33+00:00 | Vulnerability · Source |
| CVE-2026-1766 | redhat_vex | localsearch: tracker-miners: GNOME localsearch MP3 Extractor: Denial of Service and information disclosure via malformed MP3 files. | known affected: 5 | 2026-07-02T17:11:31+00:00 | Vulnerability · Source |
| CVE-2026-1764 | redhat_vex | localsearch: tracker-miners: GNOME localsearch MP3 Extractor: Heap buffer overflow leads to denial of service or information disclosure when parsing MP3 files | known affected: 5 | 2026-07-02T17:11:27+00:00 | Vulnerability · Source |
| CVE-2026-1760 | redhat_vex | libsoup: SoupServer: Denial of Service via HTTP request smuggling | known affected: 16 | 2026-07-02T17:11:26+00:00 | Vulnerability · Source |
| CVE-2026-1757 | redhat_vex | libxml2: Memory Leak Leading to Local Denial of Service in xmllint Interactive Shell | fixed: 3 known affected: 25 | 2026-07-02T17:11:24+00:00 | Vulnerability · Source |
| CVE-2026-1539 | redhat_vex | libsoup: libsoup: Credential leakage via HTTP redirects | known affected: 16 | 2026-07-02T17:11:21+00:00 | Vulnerability · Source |
| CVE-2026-1536 | redhat_vex | libsoup: libsoup: HTTP header injection or response splitting via CRLF injection in Content-Disposition header | known affected: 16 | 2026-07-02T17:11:20+00:00 | Vulnerability · Source |
| CVE-2026-1489 | redhat_vex | Glib: GLib: Memory corruption via integer overflow in Unicode case conversion | known affected: 70 | 2026-07-02T17:11:16+00:00 | Vulnerability · Source |
| CVE-2026-1527 | redhat_vex | undici: Undici: HTTP header injection and request smuggling vulnerability | fixed: 111 known affected: 59 | 2026-07-02T17:11:16+00:00 | Vulnerability · Source |
| CVE-2026-1467 | redhat_vex | libsoup: libsoup: HTTP header injection via specially crafted URLs when an HTTP proxy is configured | known affected: 16 | 2026-07-02T17:11:11+00:00 | Vulnerability · Source |
| CVE-2026-1484 | redhat_vex | Glib: Integer Overflow Leading to Buffer Underflow and Out-of-Bounds Write in GLib g_base64_encode() | known affected: 70 | 2026-07-02T17:11:11+00:00 | Vulnerability · Source |
| CVE-2026-0990 | redhat_vex | libxml2: libxml2: Denial of Service via uncontrolled recursion in XML catalog processing | fixed: 3 known affected: 25 | 2026-07-02T17:11:08+00:00 | Vulnerability · Source |
| CVE-2026-0966 | redhat_vex | libssh: libssh: Denial of Service via zero-length input in ssh_get_hexa() | fixed: 62 known affected: 5 known not affected: 9 | 2026-07-02T17:11:06+00:00 | Vulnerability · Source |
| CVE-2026-0964 | redhat_vex | libssh: Improper sanitation of paths received from SCP servers | fixed: 58 known affected: 5 known not affected: 9 | 2026-07-02T17:11:03+00:00 | Vulnerability · Source |
| CVE-2026-0962 | redhat_vex | Wireshark: Wireshark: Denial of Service via SOME/IP-SD protocol dissector crash | known affected: 20 | 2026-07-02T17:11:01+00:00 | Vulnerability · Source |
| CVE-2026-0961 | redhat_vex | Wireshark: Wireshark: Denial of Service vulnerability in BLF file parser | known affected: 20 | 2026-07-02T17:10:59+00:00 | Vulnerability · Source |
| CVE-2026-0960 | redhat_vex | Wireshark: Wireshark: Denial of Service via HTTP3 protocol dissector infinite loop | known affected: 20 | 2026-07-02T17:10:57+00:00 | Vulnerability · Source |
| CVE-2026-0959 | redhat_vex | Wireshark: Wireshark: Denial of service via IEEE 802.11 protocol dissector crash | known affected: 20 | 2026-07-02T17:10:54+00:00 | Vulnerability · Source |
| CVE-2026-0716 | redhat_vex | libsoup: Out-of-Bounds Read in libsoup WebSocket Frame Processing | known affected: 16 | 2026-07-02T17:10:53+00:00 | Vulnerability · Source |
| CVE-2026-0540 | redhat_vex | DOMPurify: DOMPurify: Cross-site scripting vulnerability | known affected: 72 | 2026-07-02T17:10:50+00:00 | Vulnerability · Source |
| CVE-2025-71176 | redhat_vex | pytest: pytest: Denial of Service or Privilege Escalation via insecure temporary directory handling | fixed: 2 known affected: 86 | 2026-07-02T17:10:45+00:00 | Vulnerability · Source |
| CVE-2025-68468 | redhat_vex | avahi: Avahi: Denial of Service via crafted mDNS/DNS-SD announcements | fixed: 3 known affected: 89 | 2026-07-02T17:10:44+00:00 | Vulnerability · Source |
| CVE-2025-68276 | redhat_vex | avahi: Avahi: Denial of Service via D-Bus record browsers with AVAHI_LOOKUP_USE_WIDE_AREA flag | fixed: 3 known affected: 89 | 2026-07-02T17:10:42+00:00 | Vulnerability · Source |
| CVE-2025-59471 | redhat_vex | next: NextJS Denial of Service in Image Optimizer | known affected: 32 | 2026-07-02T17:10:41+00:00 | Vulnerability · Source |
| CVE-2025-59472 | redhat_vex | next: NextJS Denial of Service in Partial Pre Rendering | known affected: 32 | 2026-07-02T17:10:39+00:00 | Vulnerability · Source |
| CVE-2025-55132 | redhat_vex | nodejs: Nodejs filesystem permissions bypass | fixed: 313 | 2026-07-02T17:10:34+00:00 | Vulnerability · Source |
| CVE-2025-41117 | redhat_vex | github.com/grafana/grafana: Cross site scripting in Grafana Explore stack trace | known affected: 25 | 2026-07-02T17:10:31+00:00 | Vulnerability · Source |
| CVE-2025-15599 | redhat_vex | DOMPurify: DOMPurify: Cross-site scripting | known affected: 72 | 2026-07-02T17:10:28+00:00 | Vulnerability · Source |
| CVE-2020-37127 | redhat_vex | dnsmasq: dnsmasq-utils 'dhcp_release' Denial of Service | known affected: 19 | 2026-07-02T17:10:26+00:00 | Vulnerability · Source |
| CVE-2026-6842 | redhat_vex | nano: nano: Local attacker can inject malicious .desktop launcher due to insecure directory permissions | known affected: 8 | 2026-07-02T17:10:24+00:00 | Vulnerability · Source |
| CVE-2020-37011 | redhat_vex | gnome-font-viewer: Gnome Fonts Viewer: Denial of Service via malicious TTF font file | known affected: 5 | 2026-07-02T17:10:23+00:00 | Vulnerability · Source |
| CVE-2026-9150 | redhat_vex | libsolv: Stack-based buffer overflow in libsolv's Debian metadata parser when handling SHA384/SHA512 checksums | fixed: 120 known affected: 16 known not affected: 5 | 2026-07-02T17:10:12+00:00 | Vulnerability · Source |
| CVE-2026-9149 | redhat_vex | libsolv: Heap buffer overflow in libsolv repo_add_solv via negative maxsize from crafted .solv file | fixed: 120 known affected: 21 | 2026-07-02T17:10:09+00:00 | Vulnerability · Source |
| CVE-2026-7378 | redhat_vex | Wireshark: sharkd: Wireshark sharkd: Denial of Service via crash vulnerability | known affected: 20 | 2026-07-02T17:10:07+00:00 | Vulnerability · Source |
| CVE-2026-7376 | redhat_vex | Wireshark: sharkd: Wireshark sharkd: Denial of Service due to crash | known affected: 20 | 2026-07-02T17:10:04+00:00 | Vulnerability · Source |
| CVE-2026-7375 | redhat_vex | Wireshark: Wireshark: Denial of Service via UDS protocol dissector infinite loop | known affected: 20 | 2026-07-02T17:10:00+00:00 | Vulnerability · Source |
| CVE-2026-6993 | redhat_vex | net/http: golang: github.com/go-kratos/kratos: go-kratos kratos: Information disclosure via unintended HTTP server intermediary | known affected: 391 | 2026-07-02T17:09:58+00:00 | Vulnerability · Source |
| CVE-2026-6869 | redhat_vex | wireshark: Wireshark: Denial of Service via WebSocket protocol dissector crash | known affected: 20 | 2026-07-02T17:09:56+00:00 | Vulnerability · Source |
| CVE-2026-6868 | redhat_vex | wireshark: Wireshark: Denial of Service via malicious network capture file | known affected: 20 | 2026-07-02T17:09:54+00:00 | Vulnerability · Source |
| CVE-2026-6843 | redhat_vex | nano: nano: Format string vulnerability leads to Denial of Service | known affected: 8 | 2026-07-02T17:09:52+00:00 | Vulnerability · Source |
| CVE-2026-6732 | redhat_vex | libxml2: libxml2: Denial of Service via crafted XSD-validated document | fixed: 3 known affected: 25 | 2026-07-02T17:09:49+00:00 | Vulnerability · Source |
| CVE-2026-6538 | redhat_vex | Wireshark: Wireshark: Denial of Service via BEEP protocol dissector crash | known affected: 20 | 2026-07-02T17:09:47+00:00 | Vulnerability · Source |
| CVE-2026-6537 | redhat_vex | Wireshark: Wireshark: Denial of Service via ZigBee protocol dissector crash | known affected: 20 | 2026-07-02T17:09:44+00:00 | Vulnerability · Source |