VEX records
Browse vendor VEX statements available in this Vulnerability-Lookup instance and pivot to the related vulnerability.
222278 VEX records
API response| Vulnerability | Source | Title | Product status | Imported | Links |
|---|---|---|---|---|---|
| CVE-2026-6536 | redhat_vex | wireshark: Wireshark: Denial of Service via DLMS/COSEM protocol dissector infinite loop | known affected: 20 | 2026-07-02T17:09:43+00:00 | Vulnerability · Source |
| CVE-2026-6535 | redhat_vex | wireshark: Wireshark: Denial of service via zlib decompression crash | known affected: 20 | 2026-07-02T17:09:39+00:00 | Vulnerability · Source |
| CVE-2026-6533 | redhat_vex | Wireshark: Wireshark: Denial of service via LZ77 decompression crash | known affected: 20 | 2026-07-02T17:09:38+00:00 | Vulnerability · Source |
| CVE-2026-6531 | redhat_vex | Wireshark: Wireshark: Denial of Service via SANE protocol dissector infinite loop | known affected: 20 | 2026-07-02T17:09:34+00:00 | Vulnerability · Source |
| CVE-2026-6529 | redhat_vex | wireshark: Wireshark: Denial of Service via iLBC audio codec processing | known affected: 20 | 2026-07-02T17:09:33+00:00 | Vulnerability · Source |
| CVE-2026-6528 | redhat_vex | Wireshark: Wireshark: Denial of service via TLS protocol dissector infinite loop | known affected: 20 | 2026-07-02T17:09:32+00:00 | Vulnerability · Source |
| CVE-2026-6527 | redhat_vex | wireshark: Wireshark: Denial of Service due to ASN.1 PER protocol dissector crash | known affected: 20 | 2026-07-02T17:09:28+00:00 | Vulnerability · Source |
| CVE-2026-6526 | redhat_vex | wireshark: Wireshark: Denial of Service due to RTSP protocol dissector crash | known affected: 20 | 2026-07-02T17:09:24+00:00 | Vulnerability · Source |
| CVE-2026-6522 | redhat_vex | Wireshark: Wireshark: Denial of Service via RPKI-Router protocol dissector infinite loop | known affected: 20 | 2026-07-02T17:09:23+00:00 | Vulnerability · Source |
| CVE-2026-6521 | redhat_vex | Wireshark: Wireshark: Denial of Service via OpenFlow v5 protocol dissector infinite loop | known affected: 20 | 2026-07-02T17:09:19+00:00 | Vulnerability · Source |
| CVE-2026-6520 | redhat_vex | Wireshark: Wireshark: Denial of Service via OpenFlow v6 protocol dissector infinite loop | known affected: 20 | 2026-07-02T17:09:19+00:00 | Vulnerability · Source |
| CVE-2026-6420 | redhat_vex | keylime: Keylime: Security bypass due to hardcoded TPM quote nonce | fixed: 30 known affected: 8 | 2026-07-02T17:09:17+00:00 | Vulnerability · Source |
| CVE-2026-6519 | redhat_vex | Wireshark: Wireshark: Denial of Service via MBIM protocol dissector infinite loop | known affected: 20 | 2026-07-02T17:09:14+00:00 | Vulnerability · Source |
| CVE-2026-6357 | redhat_vex | pip: pip: Arbitrary code execution or information disclosure via malicious wheel package installation | known affected: 93 known not affected: 20 | 2026-07-02T17:09:09+00:00 | Vulnerability · Source |
| CVE-2026-6245 | redhat_vex | sssd: out-of-bounds read in the sssd | known affected: 163 | 2026-07-02T17:09:09+00:00 | Vulnerability · Source |
| CVE-2026-5657 | redhat_vex | Wireshark: Wireshark: Denial of service via iLBC codec crash | known affected: 20 | 2026-07-02T17:09:09+00:00 | Vulnerability · Source |
| CVE-2026-5655 | redhat_vex | wireshark: Wireshark: Denial of Service due to SDP protocol dissector crash | known affected: 20 | 2026-07-02T17:09:02+00:00 | Vulnerability · Source |
| CVE-2026-5654 | redhat_vex | wireshark: Wireshark: Denial of service vulnerability in AMR-NB codec | known affected: 20 | 2026-07-02T17:08:59+00:00 | Vulnerability · Source |
| CVE-2026-5408 | redhat_vex | wireshark: Wireshark: Denial of service via BT-DHT protocol dissector crash | known affected: 20 | 2026-07-02T17:08:54+00:00 | Vulnerability · Source |
| CVE-2026-5409 | redhat_vex | wireshark: Wireshark: Denial of service via Monero protocol dissector crash | known affected: 20 | 2026-07-02T17:08:54+00:00 | Vulnerability · Source |
| CVE-2026-5653 | redhat_vex | wireshark: Wireshark: Denial of Service via DCP-ETSI protocol dissector crash | known affected: 20 | 2026-07-02T17:08:54+00:00 | Vulnerability · Source |
| CVE-2025-9566 | redhat_vex | podman: Podman kube play command may overwrite host files | fixed: 2676 known affected: 1 known not affected: 1174 | 2026-07-02T17:00:10+00:00 | Vulnerability · Source |
| CVE-2026-44222 | redhat_vex | vllm: vLLM: Denial of Service via malformed multimodal input or token injection | known affected: 19 | 2026-07-02T16:43:13+00:00 | Vulnerability · Source |
| CVE-2026-46406 | redhat_vex | @anthropic-ai/claude-code: Claude Code: Information disclosure and file overwrite via insecure temporary file in /copy command | known affected: 1 known not affected: 1 | 2026-07-02T16:22:43+00:00 | Vulnerability · Source |
| CVE-2026-41643 | redhat_vex | github.com/osrg/gobgp: GoBGP: Denial of Service via malformed BGP UPDATE message | known not affected: 1 | 2026-07-02T15:59:54+00:00 | Vulnerability · Source |
| CVE-2025-15666 | redhat_vex | assimp: Assimp: Heap-based buffer overflow via crafted model file | known affected: 8 | 2026-07-02T15:50:50+00:00 | Vulnerability · Source |
| CVE-2026-10101 | redhat_vex | assisted-service: assisted-service: InfraEnv status leaks referenced pull-secret contents to namespace view users | known affected: 1 | 2026-07-02T15:50:50+00:00 | Vulnerability · Source |
| CVE-2026-35554 | redhat_vex | Apache Kafka Clients: Apache Kafka Clients: Information disclosure and data corruption due to race condition in producer buffer management | fixed: 3 known affected: 13 known not affected: 9 | 2026-07-02T15:37:47+00:00 | Vulnerability · Source |
| CVE-2026-37106 | redhat_vex | DokuWiki: DokuWiki: Unauthorized account creation via registration function | known not affected: 1 | 2026-07-02T15:37:47+00:00 | Vulnerability · Source |
| CVE-2026-42402 | redhat_vex | org.apache.neethi: Apache Neethi: Denial of Service via algorithmic complexity in policy normalization | fixed: 1 known affected: 8 | 2026-07-02T15:33:44+00:00 | Vulnerability · Source |
| CVE-2026-40923 | redhat_vex | github.com/tektoncd/pipeline: Tekton Pipelines: Unauthorized access and information disclosure via path validation bypass | known affected: 57 known not affected: 17 | 2026-07-02T15:33:41+00:00 | Vulnerability · Source |
| CVE-2026-25542 | redhat_vex | github.com/tektoncd/pipeline: Tekton Pipelines: Security bypass due to regular expression matching flaw | known affected: 55 known not affected: 19 | 2026-07-02T15:33:37+00:00 | Vulnerability · Source |
| CVE-2026-7571 | redhat_vex | keycloak: Keycloak: Access token disclosure and implicit flow bypass via forged client data | fixed: 10 | 2026-07-02T15:33:35+00:00 | Vulnerability · Source |
| CVE-2026-4630 | redhat_vex | keycloak: Keycloak: Unauthorized resource access and data modification via Insecure Direct Object Reference | fixed: 10 | 2026-07-02T15:33:33+00:00 | Vulnerability · Source |
| CVE-2025-58713 | redhat_vex | rhpam: privilege escalation via excessive /etc/passwd permissions | under investigation: 6 | 2026-07-02T15:33:16+00:00 | Vulnerability · Source |
| CVE-2025-57849 | redhat_vex | fuse: privilege escalation via excessive /etc/passwd permissions | known affected: 6 | 2026-07-02T15:33:16+00:00 | Vulnerability · Source |
| CVE-2026-54370 | redhat_vex | acl: TOCTOU Symlink Traversal via getfacl/setfacl | fixed: 3 known affected: 16 | 2026-07-02T15:23:57+00:00 | Vulnerability · Source |
| CVE-2026-32952 | redhat_vex | go-ntlmssp: go-ntlmssp: Denial of Service via malicious NTLM challenge | known not affected: 15 under investigation: 122 | 2026-07-02T15:23:55+00:00 | Vulnerability · Source |
| CVE-2026-44604 | redhat_vex | rpm: Command injection in rpmuncompress doUntar() via unescaped archive top-level directory name in popen() shell command | fixed: 4 under investigation: 78 | 2026-07-02T15:23:55+00:00 | Vulnerability · Source |
| CVE-2026-6861 | redhat_vex | emacs: Emacs: Memory corruption vulnerability when processing SVG CSS | under investigation: 29 | 2026-07-02T15:23:50+00:00 | Vulnerability · Source |
| CVE-2026-6862 | redhat_vex | efivar: efivar: Denial of Service due to stack overflow in device path node parsing | under investigation: 13 | 2026-07-02T15:23:47+00:00 | Vulnerability · Source |
| CVE-2026-3172 | redhat_vex | pgvector: pgvector: Information disclosure or denial of service via buffer overflow in parallel HNSW index build | known affected: 2 under investigation: 6 | 2026-07-02T15:23:43+00:00 | Vulnerability · Source |
| CVE-2025-58187 | redhat_vex | crypto/x509: Quadratic complexity when checking name constraints in crypto/x509 | fixed: 8 known affected: 2 under investigation: 353 | 2026-07-02T15:23:38+00:00 | Vulnerability · Source |
| CVE-2026-56371 | redhat_vex | ImageMagick: ImageMagick: Denial of Service due to memory leak in TXT file processing | known affected: 14 | 2026-07-02T15:17:24+00:00 | Vulnerability · Source |
| CVE-2026-40336 | redhat_vex | libgphoto2: libgphoto2: Memory leak in ptp_unpack_Sony_DPD() can lead to denial of service | under investigation: 10 | 2026-07-02T15:17:16+00:00 | Vulnerability · Source |
| CVE-2026-6324 | redhat_vex | libsoup: libsoup: HTTP Request Smuggling via Unsigned to Signed Conversion Error | under investigation: 16 | 2026-07-02T15:16:55+00:00 | Vulnerability · Source |
| CVE-2026-52996 | microsoft_vex | ksmbd: fix durable fd leak on ClientGUID mismatch in durable v2 open | known not affected: 1 | 2026-07-02T14:47:37+00:00 | Vulnerability · Source |
| CVE-2026-53192 | microsoft_vex | ALSA: timer: Fix UAF at snd_timer_user_params() | fixed: 1 known affected: 2 | 2026-07-02T14:47:32+00:00 | Vulnerability · Source |
| CVE-2026-53139 | microsoft_vex | drm/v3d: Skip CSD when it has zeroed workgroups | known affected: 1 known not affected: 1 | 2026-07-02T14:47:26+00:00 | Vulnerability · Source |
| CVE-2026-53131 | microsoft_vex | netfilter: require Ethernet MAC header before using eth_hdr() | fixed: 1 known affected: 2 | 2026-07-02T14:47:20+00:00 | Vulnerability · Source |