VEX records

Browse vendor VEX statements available in this Vulnerability-Lookup instance and pivot to the related vulnerability.

Reset

221684 VEX records

API response
Vulnerability Source Title Product status Imported Links
CVE-2024-36357 redhat_vex kernel: transient execution vulnerability in some AMD processors fixed: 935 known affected: 136 2026-07-11T22:02:52+00:00 Vulnerability · Source
CVE-2024-7347 redhat_vex nginx: specially crafted MP4 file may cause denial of service fixed: 632 known affected: 21 known not affected: 11 2026-07-11T22:02:36+00:00 Vulnerability · Source
CVE-2025-46817 redhat_vex redis: Lua library commands may lead to integer overflow and potential RCE fixed: 286 known not affected: 147 2026-07-11T22:02:29+00:00 Vulnerability · Source
CVE-2024-55549 redhat_vex libxslt: Use-After-Free in libxslt (xsltGetInheritedNsList) fixed: 351 known affected: 4 known not affected: 2425 2026-07-11T22:02:22+00:00 Vulnerability · Source
CVE-2025-61915 redhat_vex CUPS: Local denial-of-service via cupsd.conf update and related issues fixed: 14 known affected: 15 known not affected: 262 2026-07-11T21:58:23+00:00 Vulnerability · Source
CVE-2025-9817 redhat_vex Wireshark: NULL Pointer Dereference in Wireshark fixed: 74 known affected: 4 known not affected: 12 2026-07-11T21:58:22+00:00 Vulnerability · Source
CVE-2025-53906 redhat_vex vim: Vim path traversal fixed: 422 known affected: 13 known not affected: 4 2026-07-11T21:58:09+00:00 Vulnerability · Source
CVE-2025-54349 redhat_vex iperf3: iperf Heap Buffer Overflow fixed: 190 known not affected: 3 2026-07-11T21:58:05+00:00 Vulnerability · Source
CVE-2025-11561 redhat_vex sssd: SSSD default Kerberos configuration allows privilege escalation on AD-joined Linux systems fixed: 4895 known affected: 31 known not affected: 24 2026-07-11T21:57:37+00:00 Vulnerability · Source
CVE-2025-7493 redhat_vex FreeIPA: idm: Privilege escalation from host to domain admin in FreeIPA fixed: 1318 known affected: 7 2026-07-11T21:52:19+00:00 Vulnerability · Source
CVE-2025-53905 redhat_vex vim: Vim path traversial fixed: 422 known affected: 13 known not affected: 4 2026-07-11T21:47:12+00:00 Vulnerability · Source
CVE-2025-40779 redhat_vex kea: Kea crash upon interaction between specific client options and subnet selection fixed: 90 2026-07-11T21:47:10+00:00 Vulnerability · Source
CVE-2025-10921 redhat_vex gimp: GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability fixed: 121 known affected: 6 known not affected: 5 2026-07-11T21:42:47+00:00 Vulnerability · Source
CVE-2025-10922 redhat_vex gimp: GIMP DCM File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability fixed: 591 known affected: 6 2026-07-11T21:42:44+00:00 Vulnerability · Source
CVE-2025-10934 redhat_vex gimp: GIMP XWD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability fixed: 591 known affected: 6 2026-07-11T21:42:40+00:00 Vulnerability · Source
CVE-2025-11232 redhat_vex kea: Invalid characters cause assert fixed: 90 2026-07-11T21:42:33+00:00 Vulnerability · Source
CVE-2025-10925 redhat_vex gimp: GIMP ILBM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability fixed: 121 known affected: 6 known not affected: 5 2026-07-11T21:42:30+00:00 Vulnerability · Source
CVE-2025-10923 redhat_vex gimp: GIMP WBMP File Parsing Integer Overflow Remote Code Execution Vulnerability fixed: 121 known affected: 6 known not affected: 5 2026-07-11T21:42:07+00:00 Vulnerability · Source
CVE-2025-10924 redhat_vex gimp: GIMP FF File Parsing Integer Overflow Remote Code Execution Vulnerability fixed: 121 known affected: 6 known not affected: 5 2026-07-11T21:41:55+00:00 Vulnerability · Source
CVE-2025-10920 redhat_vex gimp: GIMP ICNS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability fixed: 121 known affected: 6 known not affected: 5 2026-07-11T21:40:36+00:00 Vulnerability · Source
CVE-2025-49844 redhat_vex Redis: Redis Lua Use-After-Free may lead to remote code execution fixed: 298 known not affected: 261 2026-07-11T21:32:42+00:00 Vulnerability · Source
CVE-2024-10573 redhat_vex mpg123: Buffer overflow when writing decoded PCM samples fixed: 118 known affected: 4 2026-07-11T21:26:33+00:00 Vulnerability · Source
CVE-2025-6176 redhat_vex Scrapy: python-scrapy: brotli: Python brotli decompression bomb DoS fixed: 778 known affected: 3 known not affected: 236 2026-07-11T21:21:13+00:00 Vulnerability · Source
CVE-2024-6174 redhat_vex cloud-init: Cloud init permissions flaw fixed: 22 known affected: 2 2026-07-11T21:16:43+00:00 Vulnerability · Source
CVE-2023-5574 redhat_vex xorg-x11-server: Use-after-free bug in DamageDestroy fixed: 40 known affected: 38 known not affected: 26 2026-07-11T21:12:08+00:00 Vulnerability · Source
CVE-2025-48866 redhat_vex mod_security: ModSecurity Denial of Service Vulnerability fixed: 84 known affected: 6 2026-07-11T21:06:37+00:00 Vulnerability · Source
CVE-2025-8176 redhat_vex libtiff: LibTIFF Use-After-Free Vulnerability fixed: 239 known not affected: 50 2026-07-11T21:01:25+00:00 Vulnerability · Source
CVE-2025-45582 redhat_vex tar: Tar path traversal fixed: 62 known affected: 6 known not affected: 54 2026-07-11T21:01:25+00:00 Vulnerability · Source
CVE-2025-43865 redhat_vex react-router: React Router allows pre-render data spoofing on React-Router framework mode fixed: 4 known not affected: 76 2026-07-11T20:41:01+00:00 Vulnerability · Source
CVE-2025-22150 redhat_vex undici: Undici Uses Insufficiently Random Values fixed: 352 known affected: 3 known not affected: 107 2026-07-11T20:40:51+00:00 Vulnerability · Source
CVE-2024-7557 redhat_vex odh-dashboard: odh-model-controller: Cross-Model Authentication Bypass in OpenShift AI known affected: 4 2026-07-11T20:40:47+00:00 Vulnerability · Source
CVE-2025-31137 redhat_vex react-router: Remix Host Header Spoofing Vulnerability known affected: 1 known not affected: 83 2026-07-11T20:40:39+00:00 Vulnerability · Source
CVE-2025-14025 redhat_vex ansible-automation-platform/aap-gateway: aap-gateway: Read-only Personal Access Token (PAT) bypasses write restrictions fixed: 11 known not affected: 213 2026-07-11T20:35:04+00:00 Vulnerability · Source
CVE-2025-26699 redhat_vex django: Potential denial-of-service vulnerability in django.utils.text.wrap() fixed: 26 known affected: 7 known not affected: 458 2026-07-11T20:30:05+00:00 Vulnerability · Source
CVE-2025-62727 redhat_vex starlette: Starlette DoS via Range header merging fixed: 84 known affected: 18 known not affected: 423 2026-07-11T20:25:12+00:00 Vulnerability · Source
CVE-2025-27610 redhat_vex rack: rubygem-rack: Local File Inclusion in Rack::Static fixed: 121 known affected: 6 known not affected: 2033 2026-07-11T20:20:22+00:00 Vulnerability · Source
CVE-2025-47287 redhat_vex tornado: Tornado Multipart Form-Data Denial of Service fixed: 132 known affected: 3 known not affected: 6 2026-07-11T20:20:15+00:00 Vulnerability · Source
CVE-2025-67725 redhat_vex tornado: Tornado Quadratic DoS via Repeated Header Coalescing fixed: 134 known affected: 13 known not affected: 399 2026-07-11T20:10:21+00:00 Vulnerability · Source
CVE-2025-67726 redhat_vex tornado: Tornado Quadratic DoS via Crafted Multipart Parameters fixed: 134 known affected: 14 known not affected: 398 2026-07-11T20:10:19+00:00 Vulnerability · Source
CVE-2025-46727 redhat_vex rubygem-rack: Unbounded-Parameter DoS in Rack::QueryParser fixed: 155 known affected: 8 known not affected: 72 2026-07-11T20:05:05+00:00 Vulnerability · Source
CVE-2025-59830 redhat_vex rubygem-rack: Rack QueryParser has an unsafe default allowing params_limit bypass via semicolon-separated parameters fixed: 154 known affected: 18 known not affected: 355 2026-07-11T20:00:20+00:00 Vulnerability · Source
CVE-2025-61770 redhat_vex rack: Rack's unbounded multipart preamble buffering enables DoS (memory exhaustion) fixed: 152 known affected: 8 known not affected: 230 2026-07-11T20:00:09+00:00 Vulnerability · Source
CVE-2025-61771 redhat_vex rack: Rack's multipart parser buffers large non‑file fields entirely in memory, enabling DoS (memory exhaustion) fixed: 120 known affected: 16 known not affected: 222 2026-07-11T20:00:08+00:00 Vulnerability · Source
CVE-2025-61919 redhat_vex rubygem-rack: Unbounded read in `Rack::Request` form parsing can lead to memory exhaustion fixed: 168 known affected: 10 known not affected: 359 2026-07-11T20:00:07+00:00 Vulnerability · Source
CVE-2025-61772 redhat_vex rack: Rack memory exhaustion denial of service fixed: 138 known affected: 41 2026-07-11T20:00:06+00:00 Vulnerability · Source
CVE-2025-23216 redhat_vex argocd: Argo CD does not scrub secret values from patch errors fixed: 70 2026-07-11T19:00:04+00:00 Vulnerability · Source
CVE-2024-13484 redhat_vex openshift-gitops-operator-container: Namespace Isolation Break fixed: 74 known not affected: 29 2026-07-11T19:00:04+00:00 Vulnerability · Source
CVE-2025-3415 redhat_vex grafana: Exposure of DingDing alerting integration URL to Viewer level users known not affected: 21 2026-07-11T17:42:33+00:00 Vulnerability · Source
CVE-2024-28956 redhat_vex microcode_ctl: From CVEorg collector fixed: 947 known affected: 65 known not affected: 5 2026-07-11T17:42:12+00:00 Vulnerability · Source
CVE-2025-47277 redhat_vex vllm: vLLM Allows Remote Code Execution via PyNcclPipe Communication Service fixed: 15 known not affected: 1 2026-07-11T17:42:06+00:00 Vulnerability · Source