VEX records
Browse vendor VEX statements available in this Vulnerability-Lookup instance and pivot to the related vulnerability.
221822 VEX records
API response| Vulnerability | Source | Title | Product status | Imported | Links |
|---|---|---|---|---|---|
| CVE-2026-53037 | microsoft_vex | HID: usbhid: fix deadlock in hid_post_reset() | fixed: 1 known affected: 1 | 2026-07-09T14:42:30+00:00 | Vulnerability · Source |
| CVE-2026-53066 | microsoft_vex | drm/sun4i: backend: fix error pointer dereference | fixed: 1 known affected: 1 | 2026-07-09T14:42:22+00:00 | Vulnerability · Source |
| CVE-2026-53110 | microsoft_vex | s390/bpf: Zero-extend bpf prog return values and kfunc arguments | fixed: 1 known affected: 1 | 2026-07-09T14:42:15+00:00 | Vulnerability · Source |
| CVE-2026-53032 | microsoft_vex | bpf: Fix NULL deref in map_kptr_match_type for scalar regs | fixed: 1 known affected: 1 | 2026-07-09T14:41:59+00:00 | Vulnerability · Source |
| CVE-2026-53062 | microsoft_vex | dm cache policy smq: fix missing locks in invalidating cache blocks | fixed: 1 known affected: 1 | 2026-07-09T14:41:52+00:00 | Vulnerability · Source |
| CVE-2026-53063 | microsoft_vex | dm cache: fix write hang in passthrough mode | fixed: 1 known affected: 1 | 2026-07-09T14:41:44+00:00 | Vulnerability · Source |
| CVE-2026-53022 | microsoft_vex | platform/x86: dell-wmi-sysman: bound enumeration string aggregation | fixed: 1 known affected: 1 | 2026-07-09T14:41:30+00:00 | Vulnerability · Source |
| CVE-2026-53013 | microsoft_vex | macvlan: fix macvlan_get_size() not reserving space for IFLA_MACVLAN_BC_CUTOFF | fixed: 1 known affected: 1 | 2026-07-09T14:41:22+00:00 | Vulnerability · Source |
| CVE-2026-53126 | microsoft_vex | blk-cgroup: fix disk reference leak in blkcg_maybe_throttle_current() | fixed: 1 known affected: 1 | 2026-07-09T14:41:15+00:00 | Vulnerability · Source |
| CVE-2026-52986 | microsoft_vex | netfilter: nf_conntrack_sip: don't use simple_strtoul | fixed: 1 known affected: 1 | 2026-07-09T14:41:07+00:00 | Vulnerability · Source |
| CVE-2026-53094 | microsoft_vex | bpf: Fix stale offload->prog pointer after constant blinding | fixed: 1 known affected: 1 | 2026-07-09T14:41:00+00:00 | Vulnerability · Source |
| CVE-2026-52993 | microsoft_vex | tipc: fix double-free in tipc_buf_append() | fixed: 1 known affected: 1 | 2026-07-09T14:40:52+00:00 | Vulnerability · Source |
| CVE-2026-53012 | microsoft_vex | nexthop: fix IPv6 route referencing IPv4 nexthop | fixed: 1 known affected: 1 | 2026-07-09T14:40:43+00:00 | Vulnerability · Source |
| CVE-2026-53021 | microsoft_vex | scsi: target: core: Fix integer overflow in UNMAP bounds check | fixed: 1 known affected: 1 | 2026-07-09T14:40:35+00:00 | Vulnerability · Source |
| CVE-2026-53269 | microsoft_vex | netfilter: synproxy: add mutex to guard hook reference counting | fixed: 1 known affected: 1 | 2026-07-09T14:40:14+00:00 | Vulnerability · Source |
| CVE-2026-52984 | microsoft_vex | net/sched: netem: fix queue limit check to include reordered packets | fixed: 1 known affected: 1 | 2026-07-09T14:40:12+00:00 | Vulnerability · Source |
| CVE-2026-52998 | microsoft_vex | netfilter: nfnetlink_osf: fix potential NULL dereference in ttl check | fixed: 1 known affected: 1 | 2026-07-09T14:40:04+00:00 | Vulnerability · Source |
| CVE-2026-53023 | microsoft_vex | fs/ntfs3: terminate the cached volume label after UTF-8 conversion | fixed: 1 known affected: 1 | 2026-07-09T14:39:55+00:00 | Vulnerability · Source |
| CVE-2026-53223 | microsoft_vex | net: guard timestamp cmsgs to real error queue skbs | fixed: 1 known affected: 1 | 2026-07-09T14:39:54+00:00 | Vulnerability · Source |
| CVE-2026-53075 | microsoft_vex | ppp: require CAP_NET_ADMIN in target netns for unattached ioctls | fixed: 1 known affected: 1 | 2026-07-09T14:39:47+00:00 | Vulnerability · Source |
| CVE-2026-12413 | microsoft_vex | IKEv2 Denial of Service via malformed fragmentation | fixed: 1 known affected: 1 | 2026-07-09T14:39:45+00:00 | Vulnerability · Source |
| CVE-2026-53011 | microsoft_vex | net/sched: taprio: fix use-after-free in advance_sched() on schedule switch | fixed: 1 known affected: 1 | 2026-07-09T14:39:39+00:00 | Vulnerability · Source |
| CVE-2026-50722 | microsoft_vex | IKEv2 Denial of Service via RSA-SHA1 (PKCS#1 RSASSA-PKCS1-v1_5) authentication payload | fixed: 1 known affected: 1 | 2026-07-09T14:39:37+00:00 | Vulnerability · Source |
| CVE-2026-53077 | microsoft_vex | net/rds: Restrict use of RDS/IB to the initial network namespace | fixed: 1 known affected: 1 | 2026-07-09T14:39:30+00:00 | Vulnerability · Source |
| CVE-2026-50721 | microsoft_vex | IKEv1 Denial of Service via RSA-SHA1 (PKCS#1 Version 1.5 Encrypted) authentication payload | fixed: 1 known affected: 1 | 2026-07-09T14:39:28+00:00 | Vulnerability · Source |
| CVE-2026-52936 | microsoft_vex | crypto: jitterentropy - replace long-held spinlock with mutex | fixed: 1 known affected: 1 | 2026-07-09T14:39:21+00:00 | Vulnerability · Source |
| CVE-2026-12912 | microsoft_vex | Libtiff: libtiff: heap-based buffer overflow via crafted pixarlog-compressed tiff image | fixed: 1 known affected: 1 | 2026-07-09T14:39:20+00:00 | Vulnerability · Source |
| CVE-2026-53003 | microsoft_vex | pppoe: drop PFC frames | fixed: 1 known affected: 1 | 2026-07-09T14:39:13+00:00 | Vulnerability · Source |
| CVE-2026-14164 | microsoft_vex | Libarchive: double-free vulnerability in rar5 decompression logic via dangling filtered_buf pointer in init_unpack() | fixed: 1 known affected: 1 | 2026-07-09T14:39:11+00:00 | Vulnerability · Source |
| CVE-2026-53082 | microsoft_vex | net: hamradio: 6pack: fix uninit-value in sixpack_receive_buf | fixed: 1 known affected: 1 | 2026-07-09T14:39:05+00:00 | Vulnerability · Source |
| CVE-2026-52920 | microsoft_vex | netfilter: xt_policy: fix strict mode inbound policy matching | fixed: 1 known affected: 1 | 2026-07-09T14:38:56+00:00 | Vulnerability · Source |
| CVE-2026-53357 | microsoft_vex | Bluetooth: fix UAF in l2cap_sock_cleanup_listen() vs l2cap_conn_del() | fixed: 1 known affected: 1 | 2026-07-09T14:38:55+00:00 | Vulnerability · Source |
| CVE-2026-53086 | microsoft_vex | net: bcmgenet: fix racing timeout handler | fixed: 1 known affected: 1 | 2026-07-09T14:38:48+00:00 | Vulnerability · Source |
| CVE-2026-37555 | microsoft_vex | An issue was discovered in libsndfile 1.2.2 IMA ADPCM codec. The AIFF code path (line 241) was fixed with (sf_count_t) cast, but the WAV code path (line 235) and close path (line 167) were not. When samplesperblock (int) * blocks (int) exceeds INT_MAX, the 32-bit multiplication overflows before being assigned to sf.frames (sf_count_t/int64). With samplesperblock=50000 and blocks=50000, the product 2500000000 overflows to -1794967296. This causes incorrect frame count leading to heap buffer overflow or denial of service. Both values come from the WAV file header and are attacker-controlled. This issue was discovered after an incomplete fix for CVE-2022-33065. | fixed: 1 known affected: 2 | 2026-07-09T14:38:36+00:00 | Vulnerability · Source |
| CVE-2026-42765 | redhat_vex | openssl: NULL Dereference in Certificate Verification with OCSP Checking | known not affected: 1 | 2026-07-09T14:31:15+00:00 | Vulnerability · Source |
| CVE-2026-43303 | redhat_vex | kernel: mm/page_alloc: clear page->private in free_pages_prepare() | fixed: 1658 known affected: 36 known not affected: 76 | 2026-07-09T13:55:08+00:00 | Vulnerability · Source |
| CVE-2026-30892 | redhat_vex | crun: crun: Privilege escalation due to incorrect parsing of the `--user` option | fixed: 71 known affected: 1 known not affected: 2 | 2026-07-09T13:53:06+00:00 | Vulnerability · Source |
| CVE-2026-32289 | redhat_vex | html/template: golang: html/template: Cross-Site Scripting (XSS) via improper context and brace depth tracking in JS template literals | fixed: 29 known affected: 354 | 2026-07-09T13:42:21+00:00 | Vulnerability · Source |
| CVE-2026-44332 | redhat_vex | github.com/gofiber/fiber: GoFiber: Remote Username Enumeration via BasicAuth Middleware Short-Circuit Evaluation | known not affected: 1 | 2026-07-09T13:35:03+00:00 | Vulnerability · Source |
| CVE-2026-59927 | redhat_vex | mistune: Mistune: Denial of Service via unbounded recursion in Markdown include directive | known affected: 1 under investigation: 24 | 2026-07-09T13:30:36+00:00 | Vulnerability · Source |
| CVE-2026-31488 | redhat_vex | kernel: drm/amd/display: Do not skip unrelated mode changes in DSC validation | fixed: 453 known affected: 98 known not affected: 42 | 2026-07-09T13:30:33+00:00 | Vulnerability · Source |
| CVE-2026-46150 | redhat_vex | kernel: fanotify: fix false positive on permission events | known affected: 274 | 2026-07-09T13:14:03+00:00 | Vulnerability · Source |
| CVE-2026-41606 | redhat_vex | Apache Thrift: Apache Thrift: Denial of Service via uncontrolled recursion | fixed: 36 known affected: 13 known not affected: 439 | 2026-07-09T13:07:23+00:00 | Vulnerability · Source |
| CVE-2026-41603 | redhat_vex | Apache Thrift: apache.com/apache/thrift: Apache Thrift: Security Bypass via Improper Certificate Hostname Validation | fixed: 36 known affected: 14 known not affected: 438 | 2026-07-09T13:07:08+00:00 | Vulnerability · Source |
| CVE-2025-3110 | redhat_vex | OpenVPN Access Server: OpenVPN Access Server: HTTP request smuggling via bare line-feed sequences in HTTP headers | known not affected: 1 | 2026-07-09T12:55:22+00:00 | Vulnerability · Source |
| CVE-2026-54591 | redhat_vex | asyncssh: AsyncSSH: Arbitrary file write via path traversal in SCP client | known not affected: 1 | 2026-07-09T12:45:11+00:00 | Vulnerability · Source |
| CVE-2026-59892 | redhat_vex | @opentelemetry/propagator-jaeger: OpenTelemetry JavaScript: Denial of Service via malformed HTTP header decoding | known affected: 11 | 2026-07-09T12:05:07+00:00 | Vulnerability · Source |
| CVE-2026-59928 | redhat_vex | mistune: Mistune: Denial of Service via crafted Markdown document with reference-link definitions | known affected: 25 | 2026-07-09T11:55:15+00:00 | Vulnerability · Source |
| CVE-2026-54267 | redhat_vex | @angular/core: Angular Client Hydration DOM Clobbering & Response-Cache Poisoning | known not affected: 81 | 2026-07-09T11:11:08+00:00 | Vulnerability · Source |
| CVE-2026-59691 | redhat_vex | gstreamer: gstreamer: rfbsrc/librfb Hextile heap out-of-bounds write with 16bpp framebuffer | known affected: 24 | 2026-07-09T11:06:10+00:00 | Vulnerability · Source |