VEX records

Browse vendor VEX statements available in this Vulnerability-Lookup instance and pivot to the related vulnerability.

Reset

222278 VEX records

API response
Vulnerability Source Title Product status Imported Links
CVE-2026-22693 redhat_vex harfbuzz: Null Pointer Dereference in harfbuzz fixed: 3 known affected: 214 2026-07-02T17:11:49+00:00 Vulnerability · Source
CVE-2026-2272 redhat_vex gimp: GIMP: Memory corruption due to integer overflow in ICO file handling known affected: 32 2026-07-02T17:11:47+00:00 Vulnerability · Source
CVE-2026-21722 redhat_vex grafana: Public Dashboards time range restriction on annotations can be bypassed known affected: 6 known not affected: 15 2026-07-02T17:11:46+00:00 Vulnerability · Source
CVE-2026-2271 redhat_vex gimp: GIMP: Denial of service via crafted PSP image file known affected: 32 2026-07-02T17:11:40+00:00 Vulnerability · Source
CVE-2026-2003 redhat_vex postgresql: PostgreSQL oidvector discloses a few bytes of memory fixed: 2093 known affected: 84 known not affected: 6 2026-07-02T17:11:40+00:00 Vulnerability · Source
CVE-2026-1940 redhat_vex gstreamer: incomplete fix of CVE-2026-1940 known affected: 22 2026-07-02T17:11:35+00:00 Vulnerability · Source
CVE-2026-1767 redhat_vex localsearch: tracker-miners: GNOME localsearch MP3 Extractor: Heap buffer overflow leading to denial of service or information disclosure via malformed MP3 ID3 tags known affected: 5 2026-07-02T17:11:34+00:00 Vulnerability · Source
CVE-2026-1765 redhat_vex localsearch: tracker-miners: GNOME localsearch MP3 Extractor: Denial of Service and potential information disclosure via crafted MP3 files known affected: 5 2026-07-02T17:11:33+00:00 Vulnerability · Source
CVE-2026-1766 redhat_vex localsearch: tracker-miners: GNOME localsearch MP3 Extractor: Denial of Service and information disclosure via malformed MP3 files. known affected: 5 2026-07-02T17:11:31+00:00 Vulnerability · Source
CVE-2026-1764 redhat_vex localsearch: tracker-miners: GNOME localsearch MP3 Extractor: Heap buffer overflow leads to denial of service or information disclosure when parsing MP3 files known affected: 5 2026-07-02T17:11:27+00:00 Vulnerability · Source
CVE-2026-1760 redhat_vex libsoup: SoupServer: Denial of Service via HTTP request smuggling known affected: 16 2026-07-02T17:11:26+00:00 Vulnerability · Source
CVE-2026-1757 redhat_vex libxml2: Memory Leak Leading to Local Denial of Service in xmllint Interactive Shell fixed: 3 known affected: 25 2026-07-02T17:11:24+00:00 Vulnerability · Source
CVE-2026-1539 redhat_vex libsoup: libsoup: Credential leakage via HTTP redirects known affected: 16 2026-07-02T17:11:21+00:00 Vulnerability · Source
CVE-2026-1536 redhat_vex libsoup: libsoup: HTTP header injection or response splitting via CRLF injection in Content-Disposition header known affected: 16 2026-07-02T17:11:20+00:00 Vulnerability · Source
CVE-2026-1489 redhat_vex Glib: GLib: Memory corruption via integer overflow in Unicode case conversion known affected: 70 2026-07-02T17:11:16+00:00 Vulnerability · Source
CVE-2026-1527 redhat_vex undici: Undici: HTTP header injection and request smuggling vulnerability fixed: 111 known affected: 59 2026-07-02T17:11:16+00:00 Vulnerability · Source
CVE-2026-1467 redhat_vex libsoup: libsoup: HTTP header injection via specially crafted URLs when an HTTP proxy is configured known affected: 16 2026-07-02T17:11:11+00:00 Vulnerability · Source
CVE-2026-1484 redhat_vex Glib: Integer Overflow Leading to Buffer Underflow and Out-of-Bounds Write in GLib g_base64_encode() known affected: 70 2026-07-02T17:11:11+00:00 Vulnerability · Source
CVE-2026-0990 redhat_vex libxml2: libxml2: Denial of Service via uncontrolled recursion in XML catalog processing fixed: 3 known affected: 25 2026-07-02T17:11:08+00:00 Vulnerability · Source
CVE-2026-0966 redhat_vex libssh: libssh: Denial of Service via zero-length input in ssh_get_hexa() fixed: 62 known affected: 5 known not affected: 9 2026-07-02T17:11:06+00:00 Vulnerability · Source
CVE-2026-0964 redhat_vex libssh: Improper sanitation of paths received from SCP servers fixed: 58 known affected: 5 known not affected: 9 2026-07-02T17:11:03+00:00 Vulnerability · Source
CVE-2026-0962 redhat_vex Wireshark: Wireshark: Denial of Service via SOME/IP-SD protocol dissector crash known affected: 20 2026-07-02T17:11:01+00:00 Vulnerability · Source
CVE-2026-0961 redhat_vex Wireshark: Wireshark: Denial of Service vulnerability in BLF file parser known affected: 20 2026-07-02T17:10:59+00:00 Vulnerability · Source
CVE-2026-0960 redhat_vex Wireshark: Wireshark: Denial of Service via HTTP3 protocol dissector infinite loop known affected: 20 2026-07-02T17:10:57+00:00 Vulnerability · Source
CVE-2026-0959 redhat_vex Wireshark: Wireshark: Denial of service via IEEE 802.11 protocol dissector crash known affected: 20 2026-07-02T17:10:54+00:00 Vulnerability · Source
CVE-2026-0716 redhat_vex libsoup: Out-of-Bounds Read in libsoup WebSocket Frame Processing known affected: 16 2026-07-02T17:10:53+00:00 Vulnerability · Source
CVE-2026-0540 redhat_vex DOMPurify: DOMPurify: Cross-site scripting vulnerability known affected: 72 2026-07-02T17:10:50+00:00 Vulnerability · Source
CVE-2025-71176 redhat_vex pytest: pytest: Denial of Service or Privilege Escalation via insecure temporary directory handling fixed: 2 known affected: 86 2026-07-02T17:10:45+00:00 Vulnerability · Source
CVE-2025-68468 redhat_vex avahi: Avahi: Denial of Service via crafted mDNS/DNS-SD announcements fixed: 3 known affected: 89 2026-07-02T17:10:44+00:00 Vulnerability · Source
CVE-2025-68276 redhat_vex avahi: Avahi: Denial of Service via D-Bus record browsers with AVAHI_LOOKUP_USE_WIDE_AREA flag fixed: 3 known affected: 89 2026-07-02T17:10:42+00:00 Vulnerability · Source
CVE-2025-59471 redhat_vex next: NextJS Denial of Service in Image Optimizer known affected: 32 2026-07-02T17:10:41+00:00 Vulnerability · Source
CVE-2025-59472 redhat_vex next: NextJS Denial of Service in Partial Pre Rendering known affected: 32 2026-07-02T17:10:39+00:00 Vulnerability · Source
CVE-2025-55132 redhat_vex nodejs: Nodejs filesystem permissions bypass fixed: 313 2026-07-02T17:10:34+00:00 Vulnerability · Source
CVE-2025-41117 redhat_vex github.com/grafana/grafana: Cross site scripting in Grafana Explore stack trace known affected: 25 2026-07-02T17:10:31+00:00 Vulnerability · Source
CVE-2025-15599 redhat_vex DOMPurify: DOMPurify: Cross-site scripting known affected: 72 2026-07-02T17:10:28+00:00 Vulnerability · Source
CVE-2020-37127 redhat_vex dnsmasq: dnsmasq-utils 'dhcp_release' Denial of Service known affected: 19 2026-07-02T17:10:26+00:00 Vulnerability · Source
CVE-2026-6842 redhat_vex nano: nano: Local attacker can inject malicious .desktop launcher due to insecure directory permissions known affected: 8 2026-07-02T17:10:24+00:00 Vulnerability · Source
CVE-2020-37011 redhat_vex gnome-font-viewer: Gnome Fonts Viewer: Denial of Service via malicious TTF font file known affected: 5 2026-07-02T17:10:23+00:00 Vulnerability · Source
CVE-2026-9150 redhat_vex libsolv: Stack-based buffer overflow in libsolv's Debian metadata parser when handling SHA384/SHA512 checksums fixed: 120 known affected: 16 known not affected: 5 2026-07-02T17:10:12+00:00 Vulnerability · Source
CVE-2026-9149 redhat_vex libsolv: Heap buffer overflow in libsolv repo_add_solv via negative maxsize from crafted .solv file fixed: 120 known affected: 21 2026-07-02T17:10:09+00:00 Vulnerability · Source
CVE-2026-7378 redhat_vex Wireshark: sharkd: Wireshark sharkd: Denial of Service via crash vulnerability known affected: 20 2026-07-02T17:10:07+00:00 Vulnerability · Source
CVE-2026-7376 redhat_vex Wireshark: sharkd: Wireshark sharkd: Denial of Service due to crash known affected: 20 2026-07-02T17:10:04+00:00 Vulnerability · Source
CVE-2026-7375 redhat_vex Wireshark: Wireshark: Denial of Service via UDS protocol dissector infinite loop known affected: 20 2026-07-02T17:10:00+00:00 Vulnerability · Source
CVE-2026-6993 redhat_vex net/http: golang: github.com/go-kratos/kratos: go-kratos kratos: Information disclosure via unintended HTTP server intermediary known affected: 391 2026-07-02T17:09:58+00:00 Vulnerability · Source
CVE-2026-6869 redhat_vex wireshark: Wireshark: Denial of Service via WebSocket protocol dissector crash known affected: 20 2026-07-02T17:09:56+00:00 Vulnerability · Source
CVE-2026-6868 redhat_vex wireshark: Wireshark: Denial of Service via malicious network capture file known affected: 20 2026-07-02T17:09:54+00:00 Vulnerability · Source
CVE-2026-6843 redhat_vex nano: nano: Format string vulnerability leads to Denial of Service known affected: 8 2026-07-02T17:09:52+00:00 Vulnerability · Source
CVE-2026-6732 redhat_vex libxml2: libxml2: Denial of Service via crafted XSD-validated document fixed: 3 known affected: 25 2026-07-02T17:09:49+00:00 Vulnerability · Source
CVE-2026-6538 redhat_vex Wireshark: Wireshark: Denial of Service via BEEP protocol dissector crash known affected: 20 2026-07-02T17:09:47+00:00 Vulnerability · Source
CVE-2026-6537 redhat_vex Wireshark: Wireshark: Denial of Service via ZigBee protocol dissector crash known affected: 20 2026-07-02T17:09:44+00:00 Vulnerability · Source