Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Red Hat Enterprise Linux Number Of NVD 1680 CRITICAL 135 HIGH 590 MEDIUM 803 LOW 151
URL https://www.redhat.com/technologies/linux-platforms/enterprise-linux
Explanation Full support is 5.5 years from release.
Maintenance support (security updates only) is for 3.5 years.
After that, extended support is available for a fee.
Tag
  • 商用ライセンス有り
  • Linux
Add Information URL
No Type Name URL
1 https://access.redhat.com/ja/articles/16476
2 https://access.redhat.com/support/policy/updates/errata
3 https://access.redhat.com/articles/3078
4 https://access.redhat.com/security
5 https://access.redhat.com/errata/#/?q=&p=1&sort=portal_publication_date%20desc&rows=10&portal_advisory_type=Security%20Advisory
List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support		 Extended
for a fee		 Critical High Medium Low
1011 Red Hat Enterprise Linux 9 9.7 Nov. 11, 2025 May 17, 2022 4 127 172 17
1012 Red Hat Enterprise Linux 8 8.10 May 22, 2024 May 7, 2019 May 30, 2029 43 314 444 50
1013 Red Hat Enterprise Linux 7 7.9 Sept. 29, 2020 Dec. 11, 2013 Aug. 6, 2020 June 30, 2024 91 270 270 46
1014 Red Hat Enterprise Linux 6 6.10 June 19, 2018 Nov. 9, 2010 May 10, 2022 Nov. 30, 2020 June 30, 2024 72 169 210 55
1015 Red Hat Enterprise Linux 5 5.11 Sept. 16, 2014 March 15, 2007 March 31, 2017 Nov. 30, 2020 24 59 89 40
1016 Red Hat Enterprise Linux 4 4.5 Feb. 29, 2012 March 31, 2017 5 30 29 16
1017 Red Hat Enterprise Linux 3 3.0 0 33 44 17
1018 Red Hat Enterprise Linux 2 2.1 Update 7 April 28, 2005 0 32 37 6
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2		 Level
Attach Vector		 Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date		 Show Affected Exploit
PoC
Search
1011 5.5
4.3 		MEDIUM
Local 		In elfutils 0.175, a negative-sized memcpy is attempted in elf_cvt_note in libelf/note_xlate.h because of an incorrect overflow check. Crafted elf input causes a segmentation fault, leading to denial… CWE-787
 Out-of-bounds Write 		CVE-2019-7664 cpe:2.3:o:redhat:enterprise_linux:8.0:* 2024-11-21 13:48
2019-02-10 		Show GitHub Exploit DB Packet Storm
1012 5.5
4.3 		MEDIUM
Local 		In elfutils 0.175, a heap-based buffer over-read was discovered in the function elf32_xlatetom in elf32_xlatetom.c in libelf. A crafted ELF input can cause a segmentation fault leading to denial of s… CWE-125
Out-of-bounds Read 		CVE-2019-7665 cpe:2.3:o:redhat:enterprise_linux:8.0:* 2024-11-21 13:48
2019-02-10 		Show GitHub Exploit DB Packet Storm
1013 7.8
6.8 		HIGH
Local 		SQLAlchemy 1.2.17 has SQL Injection when the group_by parameter can be controlled. CWE-89
SQL Injection 		CVE-2019-7548 cpe:2.3:o:redhat:enterprise_linux:8.0:* 2024-11-21 13:48
2019-02-7 		Show GitHub Exploit DB Packet Storm
1014 6.4
6.9 		MEDIUM
Physics 		A vulnerability was discovered in gdm before 3.31.4. When timed login is enabled in configuration, an attacker could bypass the lock screen by selecting the timed login user and waiting for the timer… CWE-287
Improper Authentication 		CVE-2019-3825 cpe:2.3:o:redhat:enterprise_linux:7.0:* 2024-11-21 13:42
2019-02-7 		Show GitHub Exploit DB Packet Storm
1015 9.8
7.5 		CRITICAL
Network 		libcurl versions from 7.36.0 to before 7.64.0 are vulnerable to a stack-based buffer overflow. The function creating an outgoing NTLM type-3 header (`lib/vauth/ntlm.c:Curl_auth_create_ntlm_type3_mess… CWE-787
 Out-of-bounds Write 		CVE-2019-3822 cpe:2.3:o:redhat:enterprise_linux:8.0:* 2024-11-21 13:42
2019-02-7 		Show GitHub Exploit DB Packet Storm
1016 7.5
5.0 		HIGH
Network 		libcurl versions from 7.36.0 to before 7.64.0 is vulnerable to a heap buffer out-of-bounds read. The function handling incoming NTLM type-2 messages (`lib/vauth/ntlm.c:ntlm_decode_type2_target`) does… CWE-125
CWE-190
Out-of-bounds Read
 Integer Overflow or Wraparound 		CVE-2018-16890 cpe:2.3:o:redhat:enterprise_linux:8.0:* 2024-11-21 12:53
2019-02-7 		Show GitHub Exploit DB Packet Storm
1017 5.9
4.3 		MEDIUM
Network 		When proxy auto-detection is enabled, if a web server serves a Proxy Auto-Configuration (PAC) file or if a PAC file is loaded locally, this PAC file can specify that requests to the localhost are to … NVD-CWE-noinfo
CVE-2018-18506 cpe:2.3:o:redhat:enterprise_linux:8.0:* 2024-11-21 12:56
2019-02-6 		Show GitHub Exploit DB Packet Storm
1018 5.3
2.6 		MEDIUM
Network 		png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute. CWE-416
 Use After Free 		CVE-2019-7317 cpe:2.3:o:redhat:enterprise_linux:8.0:*
cpe:2.3:o:redhat:enterprise_linux:7.0:*
cpe:2.3:o:redhat:enterprise_linux… 		2024-11-21 13:48
2019-02-4 		Show GitHub Exploit DB Packet Storm
1019 7.8
6.8 		HIGH
Local 		In Poppler 0.73.0, a heap-based buffer over-read (due to an integer signedness error in the XRef::getEntry function in XRef.cc) allows remote attackers to cause a denial of service (application crash… CWE-125
CWE-681
Out-of-bounds Read
 Incorrect Conversion between Numeric Types 		CVE-2019-7310 cpe:2.3:o:redhat:enterprise_linux:8.0:* 2024-11-21 13:47
2019-02-3 		Show GitHub Exploit DB Packet Storm
1020 5.9
5.8 		MEDIUM
Network 		An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the scp client only perf… CWE-22
Path Traversal 		CVE-2019-6111 cpe:2.3:o:redhat:enterprise_linux:8.0:*
cpe:2.3:o:redhat:enterprise_linux:7.0:* 		2024-11-21 13:45
2019-02-1 		Show GitHub Exploit DB Packet Storm