VEX records
Browse vendor VEX statements available in this Vulnerability-Lookup instance and pivot to the related vulnerability.
222279 VEX records
API response| Vulnerability | Source | Title | Product status | Imported | Links |
|---|---|---|---|---|---|
| CVE-2026-5404 | redhat_vex | wireshark: Wireshark: Denial of service due to K12 RF5 file parser crash | known affected: 20 | 2026-07-02T12:46:11+00:00 | Vulnerability · Source |
| CVE-2026-5407 | redhat_vex | Wireshark: Wireshark: Denial of Service from malicious SMB2 protocol data | known affected: 20 | 2026-07-02T12:46:11+00:00 | Vulnerability · Source |
| CVE-2026-5401 | redhat_vex | wireshark: Wireshark: Denial of service via AFP Spotlight protocol dissector crash | known affected: 20 | 2026-07-02T12:44:19+00:00 | Vulnerability · Source |
| CVE-2026-58517 | redhat_vex | wikilambda: WikiLambda Extension: Authentication bypass due to improper input neutralization | known not affected: 1 | 2026-07-02T12:31:28+00:00 | Vulnerability · Source |
| CVE-2026-43048 | redhat_vex | kernel: HID: core: Mitigate potential OOB by removing bogus memset() | known affected: 274 | 2026-07-02T12:26:50+00:00 | Vulnerability · Source |
| CVE-2021-34432 | redhat_vex | mosquitto: DoS when client tries to send a PUBLISH packet with topic length = 0 | known not affected: 1 | 2026-07-02T11:20:47+00:00 | Vulnerability · Source |
| CVE-2026-42960 | redhat_vex | unbound: Unbound DNS Cache Poisoning via Promiscuous Additional Section RRSet Acceptance | fixed: 4 known affected: 30 | 2026-07-02T10:33:58+00:00 | Vulnerability · Source |
| CVE-2026-49851 | redhat_vex | Mistune: Mistune: Denial of Service via crafted Markdown input | known affected: 20 known not affected: 5 | 2026-07-02T09:42:59+00:00 | Vulnerability · Source |
| CVE-2026-5422 | redhat_vex | jupyter-server: jupyter-server: Sensitive data exposure via path traversal vulnerability | known affected: 14 known not affected: 2 | 2026-07-02T09:42:59+00:00 | Vulnerability · Source |
| CVE-2026-9800 | redhat_vex | keycloak-policy-enforcer: Keycloak Policy Enforcer: Authorization bypass via incorrect URI comparison | fixed: 20 known affected: 3 under investigation: 6 | 2026-07-02T09:35:16+00:00 | Vulnerability · Source |
| CVE-2026-45287 | redhat_vex | go.opentelemetry.io/otel: go.opentelemetry.io/otel/schema/v1.0: go.opentelemetry.io/otel/schema/v1.1: OpenTelemetry-Go: Denial of Service due to file descriptor leak | fixed: 30 known affected: 116 known not affected: 75 under investigation: 883 | 2026-07-02T09:33:38+00:00 | Vulnerability · Source |
| CVE-2022-25881 | redhat_vex | http-cache-semantics: Regular Expression Denial of Service (ReDoS) vulnerability | fixed: 290 known affected: 60 known not affected: 38 | 2026-07-02T09:02:53+00:00 | Vulnerability · Source |
| CVE-2024-22019 | redhat_vex | nodejs: reading unprocessed HTTP request with unbounded chunk extension allows DoS attacks | fixed: 402 known affected: 1 | 2026-07-02T08:59:00+00:00 | Vulnerability · Source |
| CVE-2026-54257 | redhat_vex | electron: Electron: Buffer performs incorrect byte length calculations resulting in heap buffer under/overflow | known not affected: 1 | 2026-07-02T08:58:24+00:00 | Vulnerability · Source |
| CVE-2016-2183 | redhat_vex | SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32) | fixed: 1036 known affected: 26 known not affected: 749 | 2026-07-02T08:57:53+00:00 | Vulnerability · Source |
| CVE-2026-49356 | redhat_vex | @babel/core: @babel/core: Arbitrary file read via sourceMappingURL comment | known not affected: 110 | 2026-07-02T08:22:16+00:00 | Vulnerability · Source |
| CVE-2026-11820 | redhat_vex | community.general: community.general nexmo — API credentials exposed in GET URL query string[SECURITY] community.general nexmo — API credentials exposed in GET URL query string | under investigation: 4 | 2026-07-02T08:00:58+00:00 | Vulnerability · Source |
| CVE-2026-10805 | redhat_vex | NetworkManager: NetworkManager: Local privilege escalation via malformed MUD URLs in dhclient backend | known affected: 122 | 2026-07-02T07:18:15+00:00 | Vulnerability · Source |
| CVE-2026-41635 | redhat_vex | Apache MINA: Apache MINA: Arbitrary code execution via classname allowlist bypass | fixed: 1 known affected: 4 known not affected: 22 | 2026-07-02T05:43:40+00:00 | Vulnerability · Source |
| CVE-2026-47214 | redhat_vex | docling: Docling: Unsafe URI and Path Handling in HTML Backend | known affected: 1 | 2026-07-02T05:34:27+00:00 | Vulnerability · Source |
| CVE-2026-43827 | redhat_vex | apache-shiro: Apache Shiro: Session fixation vulnerability due to improper session invalidation upon login | known affected: 2 | 2026-07-02T00:50:42+00:00 | Vulnerability · Source |
| CVE-2026-14101 | redhat_vex | chromium-browser: Insufficient policy enforcement in Sandbox | known not affected: 1 | 2026-07-02T00:14:58+00:00 | Vulnerability · Source |
| CVE-2026-5135 | redhat_vex | foreman: Foreman: Unauthorized modification of host configurations via broken access control | fixed: 103 known affected: 17 known not affected: 132 | 2026-07-01T23:53:14+00:00 | Vulnerability · Source |
| CVE-2026-5142 | redhat_vex | foreman: foreman: Cross-tenant private SSH key disclosure via taxonomy scoping bypass | fixed: 103 known affected: 17 known not affected: 132 | 2026-07-01T23:53:12+00:00 | Vulnerability · Source |
| CVE-2026-5138 | redhat_vex | foreman: Foreman: Information disclosure via improper validation of nested request parameters | fixed: 103 known affected: 17 known not affected: 132 | 2026-07-01T23:53:11+00:00 | Vulnerability · Source |
| CVE-2026-46483 | redhat_vex | vim: command injection when decompressing .tgz archives | fixed: 393 known affected: 33 | 2026-07-01T23:53:01+00:00 | Vulnerability · Source |
| CVE-2026-41411 | redhat_vex | vim: Vim: Command injection allows arbitrary code execution via malicious tag files | fixed: 436 known affected: 13 known not affected: 166 | 2026-07-01T23:52:59+00:00 | Vulnerability · Source |
| CVE-2026-35177 | redhat_vex | vim: zip.vim: Vim zip.vim plugin: Arbitrary file overwrite via path traversal bypass | fixed: 414 known affected: 13 known not affected: 189 | 2026-07-01T23:52:58+00:00 | Vulnerability · Source |
| CVE-2026-27727 | redhat_vex | com.mchange/mchange-commons-java: mchange-commons-java: Arbitrary code execution via JNDI dereferencing of crafted objects | fixed: 23 known affected: 8 known not affected: 466 | 2026-07-01T23:40:34+00:00 | Vulnerability · Source |
| CVE-2026-5136 | redhat_vex | foreman: Foreman: Privilege escalation to administrator-level access via usergroup role assignment manipulation | fixed: 103 known affected: 17 known not affected: 132 | 2026-07-01T23:40:26+00:00 | Vulnerability · Source |
| CVE-2026-55577 | redhat_vex | ImageMagick: ImageMagick: Heap buffer overflow in MVG decoder allows out-of-bounds write | known affected: 14 | 2026-07-01T23:08:56+00:00 | Vulnerability · Source |
| CVE-2026-55628 | redhat_vex | ImageMagick: ImageMagick: Unauthorized file access due to missing policy checks in concatenate operation | known affected: 14 | 2026-07-01T23:08:56+00:00 | Vulnerability · Source |
| CVE-2026-53466 | redhat_vex | ImageMagick: ImageMagick: Denial of Service via integer overflow in XCF decoder | known affected: 14 | 2026-07-01T23:08:56+00:00 | Vulnerability · Source |
| CVE-2026-55594 | redhat_vex | ImageMagick: ImageMagick: Denial of Service via crafted image in MVG decoder | known affected: 14 | 2026-07-01T23:01:49+00:00 | Vulnerability · Source |
| CVE-2025-69228 | redhat_vex | aiohttp: aiohttp: Denial of Service via memory exhaustion from crafted POST request | fixed: 27 known affected: 80 known not affected: 726 | 2026-07-01T22:53:03+00:00 | Vulnerability · Source |
| CVE-2025-69227 | redhat_vex | aiohttp: aiohttp: Denial of Service via specially crafted POST request | fixed: 31 known affected: 75 known not affected: 837 | 2026-07-01T22:48:22+00:00 | Vulnerability · Source |
| CVE-2026-55595 | redhat_vex | ImageMagick: ImageMagick: Denial of Service via invalid arguments to connected-components option | known affected: 14 | 2026-07-01T22:25:25+00:00 | Vulnerability · Source |
| CVE-2026-53467 | redhat_vex | ImageMagick: ImageMagick: Information disclosure vulnerability in MNG decoder | known affected: 14 | 2026-07-01T22:25:25+00:00 | Vulnerability · Source |
| CVE-2026-55510 | redhat_vex | ImageMagick: ImageMagick: Denial of Service via crafted 8BIM profile | known affected: 14 | 2026-07-01T22:20:58+00:00 | Vulnerability · Source |
| CVE-2026-55597 | redhat_vex | ImageMagick: ImageMagick: Heap buffer overwrite via incorrect argument handling in JP2 encoder | known affected: 14 | 2026-07-01T22:09:47+00:00 | Vulnerability · Source |
| CVE-2026-2291 | redhat_vex | dnsmasq: dnsmasq: heap buffer overflow in cache via NAME_ESCAPE expansion | fixed: 84 known affected: 7 | 2026-07-01T21:22:15+00:00 | Vulnerability · Source |
| CVE-2026-4892 | redhat_vex | dnsmasq: DHCPv6 CLID buffer overflow in helper process | fixed: 84 known affected: 7 | 2026-07-01T21:22:15+00:00 | Vulnerability · Source |
| CVE-2026-4893 | redhat_vex | dnsmasq: Broken ECS source validation bypass | fixed: 84 known affected: 7 | 2026-07-01T21:22:15+00:00 | Vulnerability · Source |
| CVE-2026-4890 | redhat_vex | dnsmasq: NSEC bitmap parsing infinite loop | fixed: 84 under investigation: 7 | 2026-07-01T21:22:15+00:00 | Vulnerability · Source |
| CVE-2026-45491 | redhat_vex | dotnet: .NET: Local file tampering via link following vulnerability | fixed: 1441 known not affected: 2 | 2026-07-01T21:04:35+00:00 | Vulnerability · Source |
| CVE-2026-5051 | redhat_vex | Vault: Vault Enterprise: HashiCorp Vault: Audit device validation bypass via legacy file audit path option | known not affected: 6 | 2026-07-01T20:33:40+00:00 | Vulnerability · Source |
| CVE-2026-53346 | redhat_vex | kernel: rust: arm64: set uwtable llvm module flag for CONFIG_UNWIND_TABLES | known not affected: 274 | 2026-07-01T20:25:20+00:00 | Vulnerability · Source |
| CVE-2026-53333 | redhat_vex | kernel: mm/mincore: handle non-swap entries before !CONFIG_SWAP guard | known affected: 14 known not affected: 260 | 2026-07-01T20:16:12+00:00 | Vulnerability · Source |
| CVE-2026-53353 | redhat_vex | kernel: hsr: Remove WARN_ONCE() in hsr_addr_is_self() | known affected: 184 known not affected: 90 | 2026-07-01T19:52:15+00:00 | Vulnerability · Source |
| CVE-2026-53348 | redhat_vex | kernel: ASoC: SDCA: fix NULL pointer dereference in sdca_dev_unregister_functions | known affected: 184 known not affected: 90 | 2026-07-01T19:52:14+00:00 | Vulnerability · Source |