VEX records

Browse vendor VEX statements available in this Vulnerability-Lookup instance and pivot to the related vulnerability.

Reset

221754 VEX records

API response
Vulnerability Source Title Product status Imported Links
CVE-2025-11839 redhat_vex binutils: GNU Binutils prdbg.c tg_tag_type return value fixed: 3 known affected: 77 2026-07-08T15:08:38+00:00 Vulnerability · Source
CVE-2025-11494 redhat_vex binutils: GNU Binutils Linker out-of-bounds read fixed: 3 known affected: 77 2026-07-08T15:08:34+00:00 Vulnerability · Source
CVE-2025-12817 redhat_vex postgresql: CREATE STATISTICS does not check for schema CREATE privilege fixed: 2933 known affected: 46 known not affected: 3 2026-07-08T15:08:31+00:00 Vulnerability · Source
CVE-2026-46315 redhat_vex kernel: io_uring/waitid: clear waitid info before copying it to userspace known affected: 184 known not affected: 90 2026-07-08T15:08:30+00:00 Vulnerability · Source
CVE-2026-46312 redhat_vex kernel: media: videobuf2: Set vma_flags in vb2_dma_sg_mmap known affected: 124 known not affected: 150 2026-07-08T15:08:29+00:00 Vulnerability · Source
CVE-2025-54500 redhat_vex nginx: HTTP/2 Vulnerability known not affected: 77 2026-07-08T15:08:28+00:00 Vulnerability · Source
CVE-2026-15044 redhat_vex trustyai-service-operator: TrustyAI Service Operator: Unauthenticated access to AI guardrails and orchestrator APIs known affected: 1 2026-07-08T15:08:24+00:00 Vulnerability · Source
CVE-2026-46309 redhat_vex kernel: drm/xe/uapi: Reject coh_none PAT index for CPU cached memory in madvise known affected: 184 known not affected: 90 2026-07-08T15:06:02+00:00 Vulnerability · Source
CVE-2026-32226 redhat_vex dotnet: .NET Framework: Denial of Service via race condition known not affected: 133 2026-07-08T15:04:03+00:00 Vulnerability · Source
CVE-2025-32414 redhat_vex libxml2: Out-of-Bounds Read in libxml2 fixed: 533 known affected: 5 known not affected: 16 2026-07-08T15:03:56+00:00 Vulnerability · Source
CVE-2025-32415 redhat_vex libxml2: Out-of-bounds Read in xmlSchemaIDCFillNodeTables fixed: 568 known affected: 5 known not affected: 18 2026-07-08T15:02:27+00:00 Vulnerability · Source
CVE-2026-50229 redhat_vex tomcat: Apache Tomcat: Cross-Site Scripting vulnerability in number guess example fixed: 2 known affected: 78 known not affected: 3 2026-07-08T14:58:37+00:00 Vulnerability · Source
CVE-2025-59464 redhat_vex nodejs: Nodejs memory leak fixed: 16 known affected: 6 known not affected: 68 2026-07-08T14:58:33+00:00 Vulnerability · Source
CVE-2026-40226 redhat_vex systemd: systemd nspawn: Escape-to-host action via crafted config file fixed: 4 known not affected: 131 2026-07-08T14:58:31+00:00 Vulnerability · Source
CVE-2025-59466 redhat_vex nodejs: Nodejs denial of service fixed: 456 2026-07-08T14:58:29+00:00 Vulnerability · Source
CVE-2026-21636 redhat_vex nodejs: Nodejs network segmentation bypass fixed: 16 known not affected: 74 2026-07-08T14:58:28+00:00 Vulnerability · Source
CVE-2026-21637 redhat_vex nodejs: Nodejs denial of service fixed: 567 2026-07-08T14:58:17+00:00 Vulnerability · Source
CVE-2025-68972 redhat_vex gnupg: GnuPG: Signature bypass via form feed character in signed messages fixed: 3 known affected: 15 2026-07-08T14:58:14+00:00 Vulnerability · Source
CVE-2026-55955 redhat_vex tomcat: Apache Tomcat: Replay attack via improper authentication in EncryptionInterceptor fixed: 4 known affected: 78 known not affected: 2 2026-07-08T14:58:11+00:00 Vulnerability · Source
CVE-2026-53143 redhat_vex kernel: drm/amdkfd: Fix buffer overflow in SDMA queue checkpoint/restore on GFX11 known not affected: 274 2026-07-08T14:56:15+00:00 Vulnerability · Source
CVE-2026-53148 redhat_vex kernel: thunderbolt: Clamp XDomain response data copy to allocation size known not affected: 274 2026-07-08T14:54:57+00:00 Vulnerability · Source
CVE-2026-40225 redhat_vex systemd: udev in systemd: Privilege escalation via malicious hardware devices and unsanitized kernel output fixed: 4 known affected: 4 known not affected: 127 2026-07-08T14:54:07+00:00 Vulnerability · Source
CVE-2026-40224 redhat_vex systemd: systemd-machined: Local privilege escalation via varlink fixed: 4 known not affected: 131 2026-07-08T14:52:59+00:00 Vulnerability · Source
CVE-2025-64503 redhat_vex cups: cups-filters: cups-filters: Out-of-bounds write via crafted PDF MediaBox fixed: 4 known affected: 14 2026-07-08T14:52:57+00:00 Vulnerability · Source
CVE-2025-64506 redhat_vex libpng: LIBPNG heap buffer over-read fixed: 3 known affected: 241 2026-07-08T14:52:53+00:00 Vulnerability · Source
CVE-2026-40223 redhat_vex systemd: systemd: Local unprivileged user can cause Denial of Service fixed: 4 known not affected: 131 2026-07-08T14:52:53+00:00 Vulnerability · Source
CVE-2026-40161 redhat_vex github.com/tektoncd/pipeline: Tekton Pipelines: Information disclosure of Git API token via user-controlled serverURL fixed: 32 known affected: 21 known not affected: 59 2026-07-08T14:52:50+00:00 Vulnerability · Source
CVE-2025-64505 redhat_vex libpng: LIBPNG heap buffer overflow via malformed palette index fixed: 3 known affected: 241 2026-07-08T14:52:35+00:00 Vulnerability · Source
CVE-2025-11230 redhat_vex haproxy: denial of service vulnerability in HAProxy mjson library fixed: 98 known affected: 9 known not affected: 17 2026-07-08T14:52:02+00:00 Vulnerability · Source
CVE-2025-70103 redhat_vex libjxl: libjxl: Arbitrary code execution via crafted PBM images known affected: 8 2026-07-08T14:51:54+00:00 Vulnerability · Source
CVE-2025-12818 redhat_vex postgresql: libpq: libpq undersizes allocations, via integer wraparound fixed: 3265 known affected: 11 known not affected: 40 2026-07-08T14:47:53+00:00 Vulnerability · Source
CVE-2026-33211 redhat_vex Tekton Pipelines: github.com/tektoncd/pipeline: Tekton Pipelines: Information disclosure via path traversal in git resolver fixed: 32 known affected: 27 known not affected: 457 2026-07-08T14:47:22+00:00 Vulnerability · Source
CVE-2026-53362 microsoft_vex ipv6: account for fraggap on the paged allocation path fixed: 1 known affected: 1 2026-07-08T14:47:02+00:00 Vulnerability · Source
CVE-2026-53361 microsoft_vex af_unix: Set gc_in_progress to true in unix_gc(). fixed: 1 known affected: 1 2026-07-08T14:46:54+00:00 Vulnerability · Source
CVE-2025-13699 redhat_vex mariadb: MariaDB: mariadb-dump utility vulnerable to remote code execution via improper path validation fixed: 2284 known not affected: 19 2026-07-08T14:46:39+00:00 Vulnerability · Source
CVE-2025-64720 redhat_vex libpng: LIBPNG buffer overflow fixed: 3648 known affected: 25 known not affected: 27 2026-07-08T14:46:25+00:00 Vulnerability · Source
CVE-2026-53325 microsoft_vex agp/amd64: Fix broken error propagation in agp_amd64_probe() fixed: 1 known affected: 1 2026-07-08T14:43:54+00:00 Vulnerability · Source
CVE-2026-52909 microsoft_vex ip6_vti: set netns_immutable on the fallback device. fixed: 1 known affected: 1 2026-07-08T14:43:42+00:00 Vulnerability · Source
CVE-2025-58186 redhat_vex golang.org/net/http: Lack of limit when parsing cookies can cause memory exhaustion in net/http fixed: 8 known affected: 73 known not affected: 50 under investigation: 1395 2026-07-08T14:43:00+00:00 Vulnerability · Source
CVE-2026-53163 microsoft_vex locking/rtmutex: Skip remove_waiter() when waiter is not enqueued fixed: 1 known affected: 2 2026-07-08T14:43:00+00:00 Vulnerability · Source
CVE-2025-57812 redhat_vex cups: CUPS-Filters: Information disclosure and data corruption via crafted TIFF image file processing fixed: 4 known affected: 15 2026-07-08T14:42:55+00:00 Vulnerability · Source
CVE-2025-43718 redhat_vex poppler: Poppler stack overflow fixed: 4 known affected: 11 known not affected: 48 2026-07-08T14:42:54+00:00 Vulnerability · Source
CVE-2026-53138 microsoft_vex drm/amd/display: Bound VBIOS record-chain walk loops fixed: 1 known affected: 2 2026-07-08T14:42:49+00:00 Vulnerability · Source
CVE-2026-53157 microsoft_vex net: phonet: free phonet_device after RCU grace period fixed: 1 known affected: 1 under investigation: 1 2026-07-08T14:42:25+00:00 Vulnerability · Source
CVE-2026-52928 microsoft_vex af_unix: Reject SIOCATMARK on non-stream sockets fixed: 1 known affected: 2 2026-07-08T14:42:16+00:00 Vulnerability · Source
CVE-2026-53151 microsoft_vex rxrpc: Fix the ACK parser to extract the SACK table for parsing fixed: 1 known affected: 2 2026-07-08T14:41:57+00:00 Vulnerability · Source
CVE-2025-65018 redhat_vex libpng: LIBPNG heap buffer overflow fixed: 3612 known affected: 8 known not affected: 48 2026-07-08T14:40:57+00:00 Vulnerability · Source
CVE-2026-43186 redhat_vex kernel: ipv6: ioam: fix heap buffer overflow in __ioam6_fill_trace_data() known affected: 90 known not affected: 184 2026-07-08T14:37:19+00:00 Vulnerability · Source
CVE-2026-40215 redhat_vex openvpn: OpenVPN: Server crash or memory leak due to race condition and use-after-free known not affected: 1 2026-07-08T14:32:11+00:00 Vulnerability · Source
CVE-2026-52726 redhat_vex dulwich: Dulwich: Arbitrary code execution via crafted Git submodules known affected: 10 known not affected: 7 2026-07-08T14:21:34+00:00 Vulnerability · Source