VEX records
Browse vendor VEX statements available in this Vulnerability-Lookup instance and pivot to the related vulnerability.
221754 VEX records
API response| Vulnerability | Source | Title | Product status | Imported | Links |
|---|---|---|---|---|---|
| CVE-2026-3713 | redhat_vex | libpng: libpng: Heap-based buffer overflow in pnm2png allows information disclosure and denial of service | fixed: 3 known not affected: 264 | 2026-07-08T14:21:25+00:00 | Vulnerability · Source |
| CVE-2025-9230 | redhat_vex | openssl: Out-of-bounds read & write in RFC 3211 KEK Unwrap | fixed: 632 known affected: 18 known not affected: 250 | 2026-07-08T14:12:33+00:00 | Vulnerability · Source |
| CVE-2026-3119 | redhat_vex | bind: BIND: Denial of Service via authenticated TKEY queries | fixed: 4 known affected: 9 known not affected: 77 | 2026-07-08T14:12:29+00:00 | Vulnerability · Source |
| CVE-2026-55655 | redhat_vex | openssh: Local MITM of X11 forwarding via abstract UNIX socket pre-binding in Red Hat Enterprise Linux OpenSSH client versions | fixed: 3 known affected: 40 under investigation: 1 | 2026-07-08T13:59:46+00:00 | Vulnerability · Source |
| CVE-2026-55654 | redhat_vex | openssh: Heap out-of-bounds read in Red Hat Enterprise Linux versions of OpenSSH GSSAPI indicator cleanup due to missing NULL sentinel termination | fixed: 3 known affected: 40 under investigation: 1 | 2026-07-08T13:59:46+00:00 | Vulnerability · Source |
| CVE-2026-55653 | redhat_vex | openssh: Double free in Red Hat Enterprise Linux versions of OpenSSH DH-GEX client path during FIPS known-group validation leads to client-side denial of service | fixed: 3 known affected: 41 | 2026-07-08T13:59:45+00:00 | Vulnerability · Source |
| CVE-2026-3591 | redhat_vex | bind: BIND: Unauthorized access due to use-after-return vulnerability in DNS query handling | fixed: 4 known affected: 9 known not affected: 77 | 2026-07-08T13:56:07+00:00 | Vulnerability · Source |
| CVE-2025-69720 | redhat_vex | ncurses: ncurses: Buffer overflow vulnerability may lead to arbitrary code execution. | fixed: 106 known not affected: 28 | 2026-07-08T13:51:52+00:00 | Vulnerability · Source |
| CVE-2025-14178 | redhat_vex | php: heap-based buffer overflow in array_merge() | fixed: 4178 known not affected: 83 | 2026-07-08T13:47:52+00:00 | Vulnerability · Source |
| CVE-2026-1642 | redhat_vex | nginx: NGINX: Data injection via man-in-the-middle attack on TLS proxied connections | fixed: 951 known affected: 1 known not affected: 72 | 2026-07-08T13:41:54+00:00 | Vulnerability · Source |
| CVE-2026-53236 | redhat_vex | kernel: tcp: restrict SO_ATTACH_FILTER to priv users | known affected: 274 | 2026-07-08T13:37:06+00:00 | Vulnerability · Source |
| CVE-2026-37460 | redhat_vex | frr: FRRouting: Denial of Service via crafted BGP UPDATE message | known affected: 13 | 2026-07-08T13:30:35+00:00 | Vulnerability · Source |
| CVE-2026-53238 | redhat_vex | kernel: netlabel: validate unlabeled address and mask attribute lengths | known affected: 274 | 2026-07-08T13:26:53+00:00 | Vulnerability · Source |
| CVE-2026-53704 | redhat_vex | gstreamer1-plugins-ugly-free: GStreamer: Out-of-bounds read in RealMedia demuxer FILEINFO metadata parser | fixed: 13 known affected: 6 | 2026-07-08T13:13:59+00:00 | Vulnerability · Source |
| CVE-2026-53703 | redhat_vex | gstreamer1-plugins-ugly-free: GStreamer: Out-of-bounds read in RealMedia demuxer audio stream header parser | fixed: 23 known affected: 4 | 2026-07-08T13:13:56+00:00 | Vulnerability · Source |
| CVE-2026-53071 | redhat_vex | kernel: Bluetooth: l2cap: Add missing chan lock in l2cap_ecred_reconf_rsp | known affected: 232 known not affected: 42 | 2026-07-08T13:07:42+00:00 | Vulnerability · Source |
| CVE-2026-11610 | redhat_vex | 389-ds-base: 389-ds-base: Heap buffer overflow in sasl_io_recv() via padded SASL UNBIND | fixed: 486 known affected: 5 known not affected: 1 | 2026-07-08T13:01:15+00:00 | Vulnerability · Source |
| CVE-2026-56403 | redhat_vex | libexpat: libexpat: Arbitrary code execution due to integer overflow in storeAtts | known affected: 7 under investigation: 21 | 2026-07-08T12:31:10+00:00 | Vulnerability · Source |
| CVE-2026-2641 | redhat_vex | ctags: ctags: Denial of Service due to uncontrolled recursion | known affected: 1 known not affected: 7 | 2026-07-08T12:29:30+00:00 | Vulnerability · Source |
| CVE-2025-38073 | redhat_vex | kernel: block: fix race between set_blocksize and read paths | known affected: 232 known not affected: 42 | 2026-07-08T12:29:24+00:00 | Vulnerability · Source |
| CVE-2022-50377 | redhat_vex | kernel: ext4: check and assert if marking an no_delete evicting inode dirty | fixed: 279 known affected: 112 known not affected: 76 | 2026-07-08T12:29:22+00:00 | Vulnerability · Source |
| CVE-2025-38096 | redhat_vex | kernel: Linux Kernel: Denial of Service in iwlwifi due to improper firmware error handling | known affected: 260 known not affected: 14 | 2026-07-08T12:29:17+00:00 | Vulnerability · Source |
| CVE-2026-57062 | redhat_vex | GnuPG: Incorrect cryptographic message parsing | known affected: 16 | 2026-07-08T12:29:14+00:00 | Vulnerability · Source |
| CVE-2026-14684 | redhat_vex | org.hdrhistogram/HdrHistogram: HdrHistogram: HdrHistogram: Denial of Service via uncontrolled memory allocation in decodeFromByteBuffer | fixed: 7 known affected: 12 | 2026-07-08T12:29:12+00:00 | Vulnerability · Source |
| CVE-2022-48694 | redhat_vex | kernel: RDMA/irdma: Fix drain SQ hang with no completion | known affected: 198 | 2026-07-08T12:29:09+00:00 | Vulnerability · Source |
| CVE-2026-57234 | redhat_vex | nokogiri: Nokogiri: Server-Side Request Forgery (SSRF) and XML External Entity (XXE) via improper enforcement of NONET parse option | known not affected: 17 | 2026-07-08T12:29:08+00:00 | Vulnerability · Source |
| CVE-2022-50740 | redhat_vex | kernel: Linux kernel: Denial of Service in ath9k Wi-Fi driver due to URB memory leak | fixed: 387 known affected: 52 known not affected: 104 | 2026-07-08T12:28:52+00:00 | Vulnerability · Source |
| CVE-2022-50833 | redhat_vex | kernel: Bluetooth: use hdev->workqueue when queuing hdev->{cmd,ncmd}_timer works | fixed: 201 known affected: 36 known not affected: 152 | 2026-07-08T12:28:45+00:00 | Vulnerability · Source |
| CVE-2022-50630 | redhat_vex | kernel: mm: hugetlb: fix UAF in hugetlb_handle_userfault | fixed: 267 known affected: 63 known not affected: 125 | 2026-07-08T12:28:41+00:00 | Vulnerability · Source |
| CVE-2022-50709 | redhat_vex | kernel: wifi: ath9k: avoid uninit memory read in ath9k_htc_rx_msg() | known affected: 198 known not affected: 76 | 2026-07-08T12:28:40+00:00 | Vulnerability · Source |
| CVE-2023-53629 | redhat_vex | kernel: fs: dlm: fix use after free in midcomms commit | known affected: 122 known not affected: 152 | 2026-07-08T12:28:39+00:00 | Vulnerability · Source |
| CVE-2022-50217 | redhat_vex | kernel: Linux kernel (FUSE): Data corruption or Denial of Service due to a race condition during file operations | known affected: 42 known not affected: 232 | 2026-07-08T12:28:36+00:00 | Vulnerability · Source |
| CVE-2022-50829 | redhat_vex | kernel: wifi: ath9k: hif_usb: Fix use-after-free in ath9k_hif_usb_reg_in_cb() | fixed: 387 known affected: 80 known not affected: 76 | 2026-07-08T12:28:32+00:00 | Vulnerability · Source |
| CVE-2023-53759 | redhat_vex | kernel: Linux kernel: High impact due to data race in hidraw_open() during concurrent device opening | known affected: 122 known not affected: 152 | 2026-07-08T12:28:30+00:00 | Vulnerability · Source |
| CVE-2023-53788 | redhat_vex | kernel: ALSA: hda/ca0132: fixup buffer overrun at tuning_ctl_set() | known affected: 198 known not affected: 76 | 2026-07-08T12:28:28+00:00 | Vulnerability · Source |
| CVE-2022-50283 | redhat_vex | kernel: mtd: core: add missing of_node_get() in dynamic partitions code | known affected: 14 known not affected: 260 | 2026-07-08T12:28:24+00:00 | Vulnerability · Source |
| CVE-2023-53454 | redhat_vex | kernel: HID: multitouch: Correct devm device reference for hidinput input_dev name | known affected: 198 known not affected: 76 | 2026-07-08T12:28:22+00:00 | Vulnerability · Source |
| CVE-2022-50838 | redhat_vex | kernel: net: stream: purge sk_error_queue in sk_stream_kill_queues() | known affected: 170 known not affected: 104 | 2026-07-08T12:28:21+00:00 | Vulnerability · Source |
| CVE-2026-11774 | redhat_vex | 389-ds-base: 389-ds-base: integer overflow in SASL packet length bypasses size limit leading to heap buffer overflow | fixed: 486 known affected: 1 known not affected: 5 | 2026-07-08T12:26:57+00:00 | Vulnerability · Source |
| CVE-2022-50853 | redhat_vex | kernel: NFSv4: Fix a credential leak in _nfs4_discover_trunking() | known affected: 170 known not affected: 104 | 2026-07-08T12:24:26+00:00 | Vulnerability · Source |
| CVE-2022-50616 | redhat_vex | kernel: regulator: core: Use different devices for resource allocation and DT lookup | fixed: 267 known affected: 36 known not affected: 152 | 2026-07-08T12:24:24+00:00 | Vulnerability · Source |
| CVE-2025-38134 | redhat_vex | kernel: Kernel: Denial of Service due to null pointer dereference in USB ACPI module | known affected: 212 known not affected: 62 | 2026-07-08T12:24:18+00:00 | Vulnerability · Source |
| CVE-2025-38008 | redhat_vex | kernel: Linux kernel: Denial of Service due to race condition in unaccepted memory handling | known affected: 226 known not affected: 48 | 2026-07-08T12:24:15+00:00 | Vulnerability · Source |
| CVE-2023-53853 | redhat_vex | kernel: netlink: annotate accesses to nlk->cb_running | known affected: 198 known not affected: 76 | 2026-07-08T12:24:12+00:00 | Vulnerability · Source |
| CVE-2025-38075 | redhat_vex | kernel: Linux kernel: Denial of Service due to NULL pointer dereference in iSCSI target NOPIN timer handling | fixed: 303 known affected: 174 known not affected: 14 | 2026-07-08T12:24:11+00:00 | Vulnerability · Source |
| CVE-2025-38101 | redhat_vex | kernel: Linux kernel: Privilege escalation or denial of service due to improper buffer locking in ring-buffer | known affected: 104 known not affected: 170 | 2026-07-08T12:24:07+00:00 | Vulnerability · Source |
| CVE-2025-38112 | redhat_vex | kernel: Linux kernel: Denial of Service due to TOCTOU in `sk_is_readable()` | known affected: 274 | 2026-07-08T12:24:05+00:00 | Vulnerability · Source |
| CVE-2025-38003 | redhat_vex | kernel: can: bcm: add missing rcu read protection for procfs content | known affected: 226 known not affected: 48 | 2026-07-08T12:24:03+00:00 | Vulnerability · Source |
| CVE-2025-38055 | redhat_vex | kernel: perf/x86/intel: Fix segfault with PEBS-via-PT with sample_freq | known affected: 212 known not affected: 62 | 2026-07-08T12:24:00+00:00 | Vulnerability · Source |
| CVE-2023-53802 | redhat_vex | kernel: wifi: ath9k: htc_hst: free skb in ath9k_htc_rx_msg() if there is no callback function | known affected: 198 known not affected: 76 | 2026-07-08T12:23:58+00:00 | Vulnerability · Source |