VEX records
Browse vendor VEX statements available in this Vulnerability-Lookup instance and pivot to the related vulnerability.
222279 VEX records
API response| Vulnerability | Source | Title | Product status | Imported | Links |
|---|---|---|---|---|---|
| CVE-2026-53194 | microsoft_vex | USB: serial: kl5kusb105: fix bulk-out buffer overflow | known not affected: 1 | 2026-07-02T14:47:07+00:00 | Vulnerability · Source |
| CVE-2026-53065 | microsoft_vex | ASoC: sti: use managed regmap_field allocations | known not affected: 1 | 2026-07-02T14:47:01+00:00 | Vulnerability · Source |
| CVE-2026-53159 | microsoft_vex | misc: fastrpc: fix DMA address corruption due to find_vma misuse | known not affected: 1 | 2026-07-02T14:46:55+00:00 | Vulnerability · Source |
| CVE-2026-53024 | microsoft_vex | greybus: raw: fix use-after-free if write is called after disconnect | known affected: 1 known not affected: 1 | 2026-07-02T14:46:49+00:00 | Vulnerability · Source |
| CVE-2026-53136 | microsoft_vex | drm/amd/display: Clamp VBIOS HDMI retimer register count to array size | fixed: 1 known affected: 2 | 2026-07-02T14:46:43+00:00 | Vulnerability · Source |
| CVE-2026-52948 | microsoft_vex | i2c: dev: prevent integer overflow in I2C_TIMEOUT ioctl | fixed: 1 known affected: 2 | 2026-07-02T14:46:31+00:00 | Vulnerability · Source |
| CVE-2026-52955 | microsoft_vex | libceph: Fix potential out-of-bounds access in crush_decode() | fixed: 1 known affected: 2 | 2026-07-02T14:46:25+00:00 | Vulnerability · Source |
| CVE-2026-53215 | microsoft_vex | net: mvpp2: refill RX buffers before XDP or skb use | known not affected: 1 | 2026-07-02T14:46:19+00:00 | Vulnerability · Source |
| CVE-2026-53025 | microsoft_vex | greybus: raw: fix use-after-free on cdev close | known affected: 1 known not affected: 1 | 2026-07-02T14:46:13+00:00 | Vulnerability · Source |
| CVE-2026-53247 | microsoft_vex | net: ethernet: mtk_eth_soc: Fix use-after-free in metadata dst teardown | known not affected: 1 | 2026-07-02T14:46:07+00:00 | Vulnerability · Source |
| CVE-2026-53217 | microsoft_vex | net: mvpp2: sync RX data at the hardware packet offset | known not affected: 1 | 2026-07-02T14:46:01+00:00 | Vulnerability · Source |
| CVE-2026-52964 | microsoft_vex | ALSA: usb-audio: Bound MIDI 2.0 endpoint descriptor scans | known not affected: 1 | 2026-07-02T14:45:54+00:00 | Vulnerability · Source |
| CVE-2026-53208 | microsoft_vex | Bluetooth: L2CAP: reject BR/EDR signaling packets over MTUsig | fixed: 1 known affected: 2 | 2026-07-02T14:45:49+00:00 | Vulnerability · Source |
| CVE-2026-53041 | microsoft_vex | ocfs2: fix listxattr handling when the buffer is full | known not affected: 1 | 2026-07-02T14:45:43+00:00 | Vulnerability · Source |
| CVE-2026-53113 | microsoft_vex | wifi: ath11k: fix memory leaks in beacon template setup | known affected: 1 known not affected: 1 | 2026-07-02T14:45:37+00:00 | Vulnerability · Source |
| CVE-2026-53198 | microsoft_vex | ksmbd: fix use-after-free of a deferred file_lock on double SMB2_CANCEL | fixed: 1 known affected: 2 | 2026-07-02T14:45:32+00:00 | Vulnerability · Source |
| CVE-2026-52957 | microsoft_vex | libceph: Fix potential null-ptr-deref in decode_choose_args() | fixed: 1 known affected: 2 | 2026-07-02T14:45:26+00:00 | Vulnerability · Source |
| CVE-2026-53017 | microsoft_vex | f2fs: fix data loss caused by incorrect use of nat_entry flag | known affected: 1 known not affected: 1 | 2026-07-02T14:45:19+00:00 | Vulnerability · Source |
| CVE-2026-53018 | microsoft_vex | f2fs: avoid reading already updated pages during GC | known affected: 1 known not affected: 1 | 2026-07-02T14:45:13+00:00 | Vulnerability · Source |
| CVE-2026-53161 | microsoft_vex | misc: fastrpc: fix use-after-free of fastrpc_user in workqueue context | known not affected: 1 | 2026-07-02T14:45:07+00:00 | Vulnerability · Source |
| CVE-2026-47770 | microsoft_vex | jq: stack overflow in deep structural equality | fixed: 2 known affected: 2 | 2026-07-02T14:44:59+00:00 | Vulnerability · Source |
| CVE-2026-54679 | microsoft_vex | jq: potential integer overflow in jvp_string_append | known affected: 1 known not affected: 1 | 2026-07-02T14:44:52+00:00 | Vulnerability · Source |
| CVE-2026-49839 | microsoft_vex | jq --rawfile invalid-state reuse after String too long causes heap-buffer-overflow | fixed: 2 known affected: 2 | 2026-07-02T14:44:46+00:00 | Vulnerability · Source |
| CVE-2026-42504 | microsoft_vex | Quadratic complexity in WordDecoder.DecodeHeader in mime | fixed: 3 known affected: 4 known not affected: 3 | 2026-07-02T14:44:19+00:00 | Vulnerability · Source |
| CVE-2026-43311 | microsoft_vex | soc/tegra: pmc: Fix unsafe generic_handle_irq() call | fixed: 1 known affected: 5 | 2026-07-02T14:44:01+00:00 | Vulnerability · Source |
| CVE-2026-43303 | microsoft_vex | mm/page_alloc: clear page->private in free_pages_prepare() | fixed: 1 known affected: 5 | 2026-07-02T14:43:55+00:00 | Vulnerability · Source |
| CVE-2026-43319 | microsoft_vex | spi: spidev: fix lock inversion between spi_lock and buf_lock | fixed: 1 known affected: 1 under investigation: 4 | 2026-07-02T14:43:48+00:00 | Vulnerability · Source |
| CVE-2026-43331 | microsoft_vex | x86/kexec: Disable KCOV instrumentation after load_segments() | fixed: 1 known affected: 1 under investigation: 4 | 2026-07-02T14:43:42+00:00 | Vulnerability · Source |
| CVE-2026-43088 | microsoft_vex | net: af_key: zero aligned sockaddr tail in PF_KEY exports | fixed: 1 known affected: 5 | 2026-07-02T14:43:35+00:00 | Vulnerability · Source |
| CVE-2026-43116 | microsoft_vex | netfilter: ctnetlink: ensure safe access to master conntrack | fixed: 1 known affected: 5 | 2026-07-02T14:43:29+00:00 | Vulnerability · Source |
| CVE-2026-43129 | microsoft_vex | ima: verify the previous kernel's IMA buffer lies in addressable RAM | fixed: 1 known affected: 5 | 2026-07-02T14:43:23+00:00 | Vulnerability · Source |
| CVE-2026-7531 | microsoft_vex | Use-after-free in PQC hybrid key-share handling | known not affected: 1 | 2026-07-02T14:43:16+00:00 | Vulnerability · Source |
| CVE-2026-43019 | microsoft_vex | Bluetooth: hci_conn: fix potential UAF in set_cig_params_sync | fixed: 1 known affected: 6 | 2026-07-02T14:43:11+00:00 | Vulnerability · Source |
| CVE-2026-6412 | microsoft_vex | Continued acceptance of SHA-1/MD5 digests in certificate processing | known not affected: 1 | 2026-07-02T14:43:09+00:00 | Vulnerability · Source |
| CVE-2026-43052 | microsoft_vex | wifi: mac80211: check tdls flag in ieee80211_tdls_oper | fixed: 1 known affected: 6 | 2026-07-02T14:43:04+00:00 | Vulnerability · Source |
| CVE-2026-6092 | microsoft_vex | Encrypt-then-MAC could fall back to MAC-then-Encrypt when HAVE_ENCRYPT_THEN_MAC is configured | known not affected: 1 | 2026-07-02T14:43:03+00:00 | Vulnerability · Source |
| CVE-2026-23394 | microsoft_vex | af_unix: Give up GC if MSG_PEEK intervened. | fixed: 1 known affected: 7 | 2026-07-02T14:42:58+00:00 | Vulnerability · Source |
| CVE-2026-11310 | microsoft_vex | X.509 trust-chain bypass in wolfSSL_X509_verify_cert() via untrusted intermediate anchoring | known not affected: 1 | 2026-07-02T14:42:57+00:00 | Vulnerability · Source |
| CVE-2026-10097 | microsoft_vex | ML-KEM-1024 x64 AVX2 incomplete cipher text comparison enables IND-CCA2 break and static private-key recovery | known not affected: 1 | 2026-07-02T14:42:51+00:00 | Vulnerability · Source |
| CVE-2026-31486 | microsoft_vex | hwmon: (pmbus/core) Protect regulator operations with mutex | fixed: 1 known affected: 8 | 2026-07-02T14:42:51+00:00 | Vulnerability · Source |
| CVE-2026-10098 | microsoft_vex | OCSP CertID serial-number length-confusion in wolfSSL_OCSP_resp_find_status | known not affected: 1 | 2026-07-02T14:42:45+00:00 | Vulnerability · Source |
| CVE-2026-31419 | microsoft_vex | net: bonding: fix use-after-free in bond_xmit_broadcast() | fixed: 1 known affected: 7 | 2026-07-02T14:42:42+00:00 | Vulnerability · Source |
| CVE-2026-8720 | microsoft_vex | HMAC-BLAKE2 final discards message when key length exceeds block size | known not affected: 1 | 2026-07-02T14:42:38+00:00 | Vulnerability · Source |
| CVE-2026-12340 | microsoft_vex | Out-of-bounds heap read in SM2/SM3 certificate Subject Key Identifier computation | known not affected: 1 | 2026-07-02T14:42:32+00:00 | Vulnerability · Source |
| CVE-2026-23346 | microsoft_vex | arm64: io: Extract user memory type in ioremap_prot() | fixed: 1 known affected: 8 | 2026-07-02T14:42:29+00:00 | Vulnerability · Source |
| CVE-2026-10512 | microsoft_vex | X25519 x86_64 assembly final reduction leaves non-canonical field element | known not affected: 1 | 2026-07-02T14:42:26+00:00 | Vulnerability · Source |
| CVE-2026-10592 | microsoft_vex | Wildcard DNS SAN bypasses CA name-constraint checks | known not affected: 1 | 2026-07-02T14:42:20+00:00 | Vulnerability · Source |
| CVE-2026-6091 | microsoft_vex | Partial-chain verification accepts untrusted intermediate as trust anchor | known not affected: 1 | 2026-07-02T14:42:13+00:00 | Vulnerability · Source |
| CVE-2026-6325 | microsoft_vex | Out-of-bounds write in SetSuitesHashSigAlgo on oversized signature algorithms list | known not affected: 1 | 2026-07-02T14:42:06+00:00 | Vulnerability · Source |
| CVE-2026-55958 | microsoft_vex | Renesas TSIP TLS 1.3 transcript buffer out-of-bounds write in tsip_StoreMessage | known not affected: 1 | 2026-07-02T14:41:59+00:00 | Vulnerability · Source |