VEX records

Browse vendor VEX statements available in this Vulnerability-Lookup instance and pivot to the related vulnerability.

Reset

221822 VEX records

API response
Vulnerability Source Title Product status Imported Links
CVE-2026-53037 microsoft_vex HID: usbhid: fix deadlock in hid_post_reset() fixed: 1 known affected: 1 2026-07-09T14:42:30+00:00 Vulnerability · Source
CVE-2026-53066 microsoft_vex drm/sun4i: backend: fix error pointer dereference fixed: 1 known affected: 1 2026-07-09T14:42:22+00:00 Vulnerability · Source
CVE-2026-53110 microsoft_vex s390/bpf: Zero-extend bpf prog return values and kfunc arguments fixed: 1 known affected: 1 2026-07-09T14:42:15+00:00 Vulnerability · Source
CVE-2026-53032 microsoft_vex bpf: Fix NULL deref in map_kptr_match_type for scalar regs fixed: 1 known affected: 1 2026-07-09T14:41:59+00:00 Vulnerability · Source
CVE-2026-53062 microsoft_vex dm cache policy smq: fix missing locks in invalidating cache blocks fixed: 1 known affected: 1 2026-07-09T14:41:52+00:00 Vulnerability · Source
CVE-2026-53063 microsoft_vex dm cache: fix write hang in passthrough mode fixed: 1 known affected: 1 2026-07-09T14:41:44+00:00 Vulnerability · Source
CVE-2026-53022 microsoft_vex platform/x86: dell-wmi-sysman: bound enumeration string aggregation fixed: 1 known affected: 1 2026-07-09T14:41:30+00:00 Vulnerability · Source
CVE-2026-53013 microsoft_vex macvlan: fix macvlan_get_size() not reserving space for IFLA_MACVLAN_BC_CUTOFF fixed: 1 known affected: 1 2026-07-09T14:41:22+00:00 Vulnerability · Source
CVE-2026-53126 microsoft_vex blk-cgroup: fix disk reference leak in blkcg_maybe_throttle_current() fixed: 1 known affected: 1 2026-07-09T14:41:15+00:00 Vulnerability · Source
CVE-2026-52986 microsoft_vex netfilter: nf_conntrack_sip: don't use simple_strtoul fixed: 1 known affected: 1 2026-07-09T14:41:07+00:00 Vulnerability · Source
CVE-2026-53094 microsoft_vex bpf: Fix stale offload->prog pointer after constant blinding fixed: 1 known affected: 1 2026-07-09T14:41:00+00:00 Vulnerability · Source
CVE-2026-52993 microsoft_vex tipc: fix double-free in tipc_buf_append() fixed: 1 known affected: 1 2026-07-09T14:40:52+00:00 Vulnerability · Source
CVE-2026-53012 microsoft_vex nexthop: fix IPv6 route referencing IPv4 nexthop fixed: 1 known affected: 1 2026-07-09T14:40:43+00:00 Vulnerability · Source
CVE-2026-53021 microsoft_vex scsi: target: core: Fix integer overflow in UNMAP bounds check fixed: 1 known affected: 1 2026-07-09T14:40:35+00:00 Vulnerability · Source
CVE-2026-53269 microsoft_vex netfilter: synproxy: add mutex to guard hook reference counting fixed: 1 known affected: 1 2026-07-09T14:40:14+00:00 Vulnerability · Source
CVE-2026-52984 microsoft_vex net/sched: netem: fix queue limit check to include reordered packets fixed: 1 known affected: 1 2026-07-09T14:40:12+00:00 Vulnerability · Source
CVE-2026-52998 microsoft_vex netfilter: nfnetlink_osf: fix potential NULL dereference in ttl check fixed: 1 known affected: 1 2026-07-09T14:40:04+00:00 Vulnerability · Source
CVE-2026-53023 microsoft_vex fs/ntfs3: terminate the cached volume label after UTF-8 conversion fixed: 1 known affected: 1 2026-07-09T14:39:55+00:00 Vulnerability · Source
CVE-2026-53223 microsoft_vex net: guard timestamp cmsgs to real error queue skbs fixed: 1 known affected: 1 2026-07-09T14:39:54+00:00 Vulnerability · Source
CVE-2026-53075 microsoft_vex ppp: require CAP_NET_ADMIN in target netns for unattached ioctls fixed: 1 known affected: 1 2026-07-09T14:39:47+00:00 Vulnerability · Source
CVE-2026-12413 microsoft_vex IKEv2 Denial of Service via malformed fragmentation fixed: 1 known affected: 1 2026-07-09T14:39:45+00:00 Vulnerability · Source
CVE-2026-53011 microsoft_vex net/sched: taprio: fix use-after-free in advance_sched() on schedule switch fixed: 1 known affected: 1 2026-07-09T14:39:39+00:00 Vulnerability · Source
CVE-2026-50722 microsoft_vex IKEv2 Denial of Service via RSA-SHA1 (PKCS#1 RSASSA-PKCS1-v1_5) authentication payload fixed: 1 known affected: 1 2026-07-09T14:39:37+00:00 Vulnerability · Source
CVE-2026-53077 microsoft_vex net/rds: Restrict use of RDS/IB to the initial network namespace fixed: 1 known affected: 1 2026-07-09T14:39:30+00:00 Vulnerability · Source
CVE-2026-50721 microsoft_vex IKEv1 Denial of Service via RSA-SHA1 (PKCS#1 Version 1.5 Encrypted) authentication payload fixed: 1 known affected: 1 2026-07-09T14:39:28+00:00 Vulnerability · Source
CVE-2026-52936 microsoft_vex crypto: jitterentropy - replace long-held spinlock with mutex fixed: 1 known affected: 1 2026-07-09T14:39:21+00:00 Vulnerability · Source
CVE-2026-12912 microsoft_vex Libtiff: libtiff: heap-based buffer overflow via crafted pixarlog-compressed tiff image fixed: 1 known affected: 1 2026-07-09T14:39:20+00:00 Vulnerability · Source
CVE-2026-53003 microsoft_vex pppoe: drop PFC frames fixed: 1 known affected: 1 2026-07-09T14:39:13+00:00 Vulnerability · Source
CVE-2026-14164 microsoft_vex Libarchive: double-free vulnerability in rar5 decompression logic via dangling filtered_buf pointer in init_unpack() fixed: 1 known affected: 1 2026-07-09T14:39:11+00:00 Vulnerability · Source
CVE-2026-53082 microsoft_vex net: hamradio: 6pack: fix uninit-value in sixpack_receive_buf fixed: 1 known affected: 1 2026-07-09T14:39:05+00:00 Vulnerability · Source
CVE-2026-52920 microsoft_vex netfilter: xt_policy: fix strict mode inbound policy matching fixed: 1 known affected: 1 2026-07-09T14:38:56+00:00 Vulnerability · Source
CVE-2026-53357 microsoft_vex Bluetooth: fix UAF in l2cap_sock_cleanup_listen() vs l2cap_conn_del() fixed: 1 known affected: 1 2026-07-09T14:38:55+00:00 Vulnerability · Source
CVE-2026-53086 microsoft_vex net: bcmgenet: fix racing timeout handler fixed: 1 known affected: 1 2026-07-09T14:38:48+00:00 Vulnerability · Source
CVE-2026-37555 microsoft_vex An issue was discovered in libsndfile 1.2.2 IMA ADPCM codec. The AIFF code path (line 241) was fixed with (sf_count_t) cast, but the WAV code path (line 235) and close path (line 167) were not. When samplesperblock (int) * blocks (int) exceeds INT_MAX, the 32-bit multiplication overflows before being assigned to sf.frames (sf_count_t/int64). With samplesperblock=50000 and blocks=50000, the product 2500000000 overflows to -1794967296. This causes incorrect frame count leading to heap buffer overflow or denial of service. Both values come from the WAV file header and are attacker-controlled. This issue was discovered after an incomplete fix for CVE-2022-33065. fixed: 1 known affected: 2 2026-07-09T14:38:36+00:00 Vulnerability · Source
CVE-2026-42765 redhat_vex openssl: NULL Dereference in Certificate Verification with OCSP Checking known not affected: 1 2026-07-09T14:31:15+00:00 Vulnerability · Source
CVE-2026-43303 redhat_vex kernel: mm/page_alloc: clear page->private in free_pages_prepare() fixed: 1658 known affected: 36 known not affected: 76 2026-07-09T13:55:08+00:00 Vulnerability · Source
CVE-2026-30892 redhat_vex crun: crun: Privilege escalation due to incorrect parsing of the `--user` option fixed: 71 known affected: 1 known not affected: 2 2026-07-09T13:53:06+00:00 Vulnerability · Source
CVE-2026-32289 redhat_vex html/template: golang: html/template: Cross-Site Scripting (XSS) via improper context and brace depth tracking in JS template literals fixed: 29 known affected: 354 2026-07-09T13:42:21+00:00 Vulnerability · Source
CVE-2026-44332 redhat_vex github.com/gofiber/fiber: GoFiber: Remote Username Enumeration via BasicAuth Middleware Short-Circuit Evaluation known not affected: 1 2026-07-09T13:35:03+00:00 Vulnerability · Source
CVE-2026-59927 redhat_vex mistune: Mistune: Denial of Service via unbounded recursion in Markdown include directive known affected: 1 under investigation: 24 2026-07-09T13:30:36+00:00 Vulnerability · Source
CVE-2026-31488 redhat_vex kernel: drm/amd/display: Do not skip unrelated mode changes in DSC validation fixed: 453 known affected: 98 known not affected: 42 2026-07-09T13:30:33+00:00 Vulnerability · Source
CVE-2026-46150 redhat_vex kernel: fanotify: fix false positive on permission events known affected: 274 2026-07-09T13:14:03+00:00 Vulnerability · Source
CVE-2026-41606 redhat_vex Apache Thrift: Apache Thrift: Denial of Service via uncontrolled recursion fixed: 36 known affected: 13 known not affected: 439 2026-07-09T13:07:23+00:00 Vulnerability · Source
CVE-2026-41603 redhat_vex Apache Thrift: apache.com/apache/thrift: Apache Thrift: Security Bypass via Improper Certificate Hostname Validation fixed: 36 known affected: 14 known not affected: 438 2026-07-09T13:07:08+00:00 Vulnerability · Source
CVE-2025-3110 redhat_vex OpenVPN Access Server: OpenVPN Access Server: HTTP request smuggling via bare line-feed sequences in HTTP headers known not affected: 1 2026-07-09T12:55:22+00:00 Vulnerability · Source
CVE-2026-54591 redhat_vex asyncssh: AsyncSSH: Arbitrary file write via path traversal in SCP client known not affected: 1 2026-07-09T12:45:11+00:00 Vulnerability · Source
CVE-2026-59892 redhat_vex @opentelemetry/propagator-jaeger: OpenTelemetry JavaScript: Denial of Service via malformed HTTP header decoding known affected: 11 2026-07-09T12:05:07+00:00 Vulnerability · Source
CVE-2026-59928 redhat_vex mistune: Mistune: Denial of Service via crafted Markdown document with reference-link definitions known affected: 25 2026-07-09T11:55:15+00:00 Vulnerability · Source
CVE-2026-54267 redhat_vex @angular/core: Angular Client Hydration DOM Clobbering & Response-Cache Poisoning known not affected: 81 2026-07-09T11:11:08+00:00 Vulnerability · Source
CVE-2026-59691 redhat_vex gstreamer: gstreamer: rfbsrc/librfb Hextile heap out-of-bounds write with 16bpp framebuffer known affected: 24 2026-07-09T11:06:10+00:00 Vulnerability · Source