VEX records
Browse vendor VEX statements available in this Vulnerability-Lookup instance and pivot to the related vulnerability.
221683 VEX records
API response| Vulnerability | Source | Title | Product status | Imported | Links |
|---|---|---|---|---|---|
| CVE-2026-59857 | redhat_vex | vim: Vim: Denial of Service via out-of-bounds write in spell sound-folding | fixed: 4 known affected: 33 | 2026-07-14T11:37:31+00:00 | Vulnerability · Source |
| CVE-2026-59858 | redhat_vex | vim: Vim: Arbitrary command execution via crafted tags file in C omni-completion | fixed: 4 known affected: 33 | 2026-07-14T11:37:25+00:00 | Vulnerability · Source |
| CVE-2026-59856 | redhat_vex | vim: Vim: Arbitrary code execution via crafted PHP file in omni-completion | fixed: 4 known affected: 33 | 2026-07-14T11:35:29+00:00 | Vulnerability · Source |
| CVE-2026-53365 | redhat_vex | kernel: vsock/virtio: fix zerocopy completion for multi-skb sends | known affected: 184 known not affected: 90 | 2026-07-14T11:18:08+00:00 | Vulnerability · Source |
| CVE-2026-2673 | redhat_vex | openssl: OpenSSL TLS 1.3 server may choose unexpected key agreement group | fixed: 4 known affected: 16 known not affected: 30 | 2026-07-14T11:09:45+00:00 | Vulnerability · Source |
| CVE-2026-31411 | redhat_vex | kernel: net: atm: fix crash due to unvalidated vcc pointer in sigd_send() | fixed: 453 known affected: 64 known not affected: 76 | 2026-07-14T11:08:04+00:00 | Vulnerability · Source |
| CVE-2025-71089 | redhat_vex | kernel: iommu: disable SVA when CONFIG_X86 is set | fixed: 1364 known affected: 98 known not affected: 42 | 2026-07-14T11:08:01+00:00 | Vulnerability · Source |
| CVE-2025-71066 | redhat_vex | kernel: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change | fixed: 762 known affected: 22 known not affected: 42 | 2026-07-14T11:08:01+00:00 | Vulnerability · Source |
| CVE-2026-54059 | redhat_vex | python-pillow: Pillow: Denial of Service via crafted PCF font data | fixed: 52 known affected: 10 | 2026-07-14T10:53:27+00:00 | Vulnerability · Source |
| CVE-2026-46529 | redhat_vex | atril: evince: xreader: PDF /GoToR action argv injection enables single-click RCE via --gtk-module dlopen | fixed: 301 known affected: 12 | 2026-07-14T10:53:22+00:00 | Vulnerability · Source |
| CVE-2026-53266 | redhat_vex | kernel: Linux kernel: netfilter: ebtables SNAT target writes to shared memory pages during ARP hardware address rewrite | fixed: 453 known affected: 99 known not affected: 42 | 2026-07-14T10:52:02+00:00 | Vulnerability · Source |
| CVE-2026-42880 | redhat_vex | argoproj/argo-cd: Argo CD: Information disclosure of Kubernetes Secret data via Server-Side Apply dry-run mechanism | fixed: 20 known affected: 1 known not affected: 112 | 2026-07-14T10:16:24+00:00 | Vulnerability · Source |
| CVE-2026-12478 | redhat_vex | libsoup: Incomplete fix for CVE-2026-0716: Out-of-bounds read in libsoup WebSocket frame processing (unmasked path) | known affected: 4 | 2026-07-14T10:06:12+00:00 | Vulnerability · Source |
| CVE-2026-59939 | redhat_vex | httplib2: httplib2: Denial of Service via unbounded decompression of HTTP response bodies | known affected: 212 known not affected: 1 | 2026-07-14T10:05:52+00:00 | Vulnerability · Source |
| CVE-2025-65637 | redhat_vex | github.com/sirupsen/logrus: github.com/sirupsen/logrus: Denial-of-Service due to large single-line payload | fixed: 2037 known affected: 272 known not affected: 22243 | 2026-07-14T09:59:33+00:00 | Vulnerability · Source |
| CVE-2026-4430 | redhat_vex | LibreOffice: LibreOffice: Denial of Service via crafted OOXML documents | fixed: 2854 known affected: 316 | 2026-07-14T07:56:16+00:00 | Vulnerability · Source |
| CVE-2026-52718 | redhat_vex | gstreamer1-plugins-bad-free: GStreamer: Denial of service via AV1 tile_list_obu parser byte/bit confusion | fixed: 83 known affected: 5 known not affected: 11 | 2026-07-14T07:45:58+00:00 | Vulnerability · Source |
| CVE-2026-52719 | redhat_vex | gstreamer1-plugins-bad-free: GStreamer: Out-of-bounds read via JPEG segment length validation in VA decoder | fixed: 83 known affected: 5 known not affected: 11 | 2026-07-14T07:45:54+00:00 | Vulnerability · Source |
| CVE-2026-12413 | redhat_vex | librenswan: IKEv2 Denial of Service via malformed fragmentation | known affected: 10 known not affected: 3 | 2026-07-14T07:31:06+00:00 | Vulnerability · Source |
| CVE-2026-50722 | redhat_vex | librenswan: IKEv2 Denial of Service via RSA-SHA1 (PKCS#1 RSASSA-PKCS1-v1_5) authentication payload | known affected: 13 | 2026-07-14T06:50:36+00:00 | Vulnerability · Source |
| CVE-2026-56209 | redhat_vex | libaom: libaom: arbitrary address write via SVC layer context OOB and cyclic refresh map pointer hijack | fixed: 3 known affected: 51 known not affected: 3 | 2026-07-14T06:22:15+00:00 | Vulnerability · Source |
| CVE-2026-58049 | redhat_vex | FFmpeg: FFmpeg: Memory corruption via crafted RASC video stream | known affected: 50 known not affected: 3 | 2026-07-14T06:22:13+00:00 | Vulnerability · Source |
| CVE-2026-56211 | redhat_vex | libaom: libaom: remote code execution via SVC layer context handling with attacker-controlled frames | fixed: 3 known affected: 51 known not affected: 3 | 2026-07-14T06:22:12+00:00 | Vulnerability · Source |
| CVE-2026-55574 | redhat_vex | vllm: vLLM: Denial of Service via adversarial regular expression in structured outputs API | known affected: 22 known not affected: 4 | 2026-07-14T06:21:21+00:00 | Vulnerability · Source |
| CVE-2026-56210 | redhat_vex | libaom: libaom: heap-buffer-overflow read via missing bounds check in ctrl_set_layer_id | fixed: 3 known affected: 51 known not affected: 3 | 2026-07-14T06:21:16+00:00 | Vulnerability · Source |
| CVE-2026-54234 | redhat_vex | vllm: vLLM: Denial of Service via malformed speculative decoding workload | known affected: 22 known not affected: 4 | 2026-07-14T06:21:02+00:00 | Vulnerability · Source |
| CVE-2026-50721 | redhat_vex | librenswan: IKEv1 Denial of Service via RSA-SHA1 (PKCS#1 Version 1.5 Encrypted) authentication payload | known affected: 13 | 2026-07-14T06:00:42+00:00 | Vulnerability · Source |
| CVE-2025-55005 | redhat_vex | imagemagick: ImageMagick: heap-buffer overflow | known affected: 14 | 2026-07-14T05:37:06+00:00 | Vulnerability · Source |
| CVE-2025-53101 | redhat_vex | ImageMagick: ImageMagick Stack Buffer Overflow | known affected: 14 | 2026-07-14T05:37:02+00:00 | Vulnerability · Source |
| CVE-2025-53019 | redhat_vex | ImageMagick: ImageMagick Memory Leak | known affected: 14 | 2026-07-14T05:37:02+00:00 | Vulnerability · Source |
| CVE-2025-55298 | redhat_vex | ImageMagick: ImageMagick Format String Bug in InterpretImageFilename leads to arbitrary code execution | known affected: 7 known not affected: 7 | 2026-07-14T05:36:58+00:00 | Vulnerability · Source |
| CVE-2025-55004 | redhat_vex | imagemagick: ImageMagick: heap-buffer overflow | known affected: 7 known not affected: 7 | 2026-07-14T05:36:57+00:00 | Vulnerability · Source |
| CVE-2025-53015 | redhat_vex | ImageMagick: ImageMagick unbounded loop | known affected: 14 | 2026-07-14T05:36:53+00:00 | Vulnerability · Source |
| CVE-2025-55160 | redhat_vex | imagemagick: ImageMagick: Undefined Behavior | known affected: 14 | 2026-07-14T05:36:52+00:00 | Vulnerability · Source |
| CVE-2026-42055 | redhat_vex | nginx: NGINX: Arbitrary code execution or Denial of Service via heap-based buffer overflow with crafted HTTP/2 headers | fixed: 395 known affected: 1 known not affected: 2 | 2026-07-14T05:36:49+00:00 | Vulnerability · Source |
| CVE-2025-55154 | redhat_vex | imagemagick: ImageMagick: integer overflows in MNG magnification | fixed: 51 known affected: 7 | 2026-07-14T05:36:25+00:00 | Vulnerability · Source |
| CVE-2023-39326 | redhat_vex | golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests | fixed: 2570 known affected: 71 known not affected: 987 | 2026-07-14T05:00:40+00:00 | Vulnerability · Source |
| CVE-2026-14461 | microsoft_vex | Out-of-bound read in mtr | fixed: 1 known affected: 1 | 2026-07-14T01:39:17+00:00 | Vulnerability · Source |
| CVE-2026-12480 | microsoft_vex | Arbitrary HDF5 File Read via Virtual Dataset Bypass in keras-team/keras | fixed: 1 known affected: 1 | 2026-07-14T01:38:59+00:00 | Vulnerability · Source |
| CVE-2026-55689 | redhat_vex | openfga: OpenFGA: OIDC audience validation skipped when --authn-oidc-audience is unset | known affected: 9 | 2026-07-14T01:35:32+00:00 | Vulnerability · Source |
| CVE-2026-55170 | redhat_vex | github.com/openfga/openfga: OpenFGA: Incorrect authorization decisions due to case-insensitive comparisons in MySQL datastore | known affected: 9 | 2026-07-14T01:35:32+00:00 | Vulnerability · Source |
| CVE-2026-57156 | redhat_vex | FreeRDP: FreeRDP: Arbitrary code execution or denial of service via integer overflow in RDP message processing | known affected: 31 | 2026-07-14T01:25:33+00:00 | Vulnerability · Source |
| CVE-2026-40467 | microsoft_vex | Use after free in gawk | known affected: 1 | 2026-07-14T01:01:41+00:00 | Vulnerability · Source |
| CVE-2026-40468 | microsoft_vex | Heap buffer overflow in gawk | known affected: 1 | 2026-07-14T01:01:35+00:00 | Vulnerability · Source |
| CVE-2026-40469 | microsoft_vex | Heap buffer overflow in gawk | known affected: 1 | 2026-07-14T01:01:29+00:00 | Vulnerability · Source |
| CVE-2026-40553 | microsoft_vex | Stack-based buffer overflow in gawk | known affected: 1 | 2026-07-14T01:01:22+00:00 | Vulnerability · Source |
| CVE-2026-57158 | redhat_vex | FreeRDP: FreeRDP: Information disclosure via truncated RDPGFX planar payload | known affected: 31 | 2026-07-13T23:25:46+00:00 | Vulnerability · Source |
| CVE-2026-57157 | redhat_vex | FreeRDP: FreeRDP: Out-of-bounds read leads to information disclosure and denial of service | known affected: 31 | 2026-07-13T23:25:45+00:00 | Vulnerability · Source |
| CVE-2023-48795 | redhat_vex | ssh: Prefix truncation attack on Binary Packet Protocol (BPP) | fixed: 2195 known affected: 153 known not affected: 12094 | 2026-07-13T23:21:57+00:00 | Vulnerability · Source |
| CVE-2026-55827 | redhat_vex | FreeRDP: FreeRDP: Remote code execution via heap out-of-bounds write in RemoteFX decoding | known affected: 31 | 2026-07-13T23:13:09+00:00 | Vulnerability · Source |