Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Red Hat Enterprise Linux Number Of NVD 1680 CRITICAL 135 HIGH 590 MEDIUM 803 LOW 151
URL https://www.redhat.com/technologies/linux-platforms/enterprise-linux
Explanation Full support is 5.5 years from release.
Maintenance support (security updates only) is for 3.5 years.
After that, extended support is available for a fee.
Tag
  • 商用ライセンス有り
  • Linux
Add Information URL
No Type Name URL
1 https://access.redhat.com/ja/articles/16476
2 https://access.redhat.com/support/policy/updates/errata
3 https://access.redhat.com/articles/3078
4 https://access.redhat.com/security
5 https://access.redhat.com/errata/#/?q=&p=1&sort=portal_publication_date%20desc&rows=10&portal_advisory_type=Security%20Advisory
List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support		 Extended
for a fee		 Critical High Medium Low
1041 Red Hat Enterprise Linux 9 9.7 Nov. 11, 2025 May 17, 2022 4 127 172 17
1042 Red Hat Enterprise Linux 8 8.10 May 22, 2024 May 7, 2019 May 30, 2029 43 314 444 50
1043 Red Hat Enterprise Linux 7 7.9 Sept. 29, 2020 Dec. 11, 2013 Aug. 6, 2020 June 30, 2024 91 270 270 46
1044 Red Hat Enterprise Linux 6 6.10 June 19, 2018 Nov. 9, 2010 May 10, 2022 Nov. 30, 2020 June 30, 2024 72 169 210 55
1045 Red Hat Enterprise Linux 5 5.11 Sept. 16, 2014 March 15, 2007 March 31, 2017 Nov. 30, 2020 24 59 89 40
1046 Red Hat Enterprise Linux 4 4.5 Feb. 29, 2012 March 31, 2017 5 30 29 16
1047 Red Hat Enterprise Linux 3 3.0 0 33 44 17
1048 Red Hat Enterprise Linux 2 2.1 Update 7 April 28, 2005 0 32 37 6
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2		 Level
Attach Vector		 Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date		 Show Affected Exploit
PoC
Search
1041 4.7
1.9 		MEDIUM
Local 		It was discovered systemd does not correctly check the content of PIDFile files before using it to kill processes. When a service is run from an unprivileged user (e.g. User field set in the service … CWE-269
 Improper Privilege Management 		CVE-2018-16888 cpe:2.3:o:redhat:enterprise_linux:7.0:* 2024-11-21 12:53
2019-01-15 		Show GitHub Exploit DB Packet Storm
1042 3.3
2.1 		LOW
Local 		An out of bounds read was discovered in systemd-journald in the way it parses log messages that terminate with a colon ':'. A local attacker can use this flaw to disclose process memory data. Version… - CVE-2018-16866 cpe:2.3:o:redhat:enterprise_linux:7.6:* 2024-11-21 12:53
2019-01-12 		Show GitHub Exploit DB Packet Storm
1043 5.3
2.6 		MEDIUM
Network 		In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the tar… CWE-863
 Incorrect Authorization 		CVE-2018-20685 cpe:2.3:o:redhat:enterprise_linux:8.0:*
cpe:2.3:o:redhat:enterprise_linux:7.0:* 		2024-11-21 13:01
2019-01-11 		Show GitHub Exploit DB Packet Storm
1044 6.5
4.3 		MEDIUM
Network 		In Poppler 0.72.0, PDFDoc::setup in PDFDoc.cc allows attackers to cause a denial-of-service (application crash caused by Object.h SIGABRT, because of a wrong return value from PDFDoc::setup) by craft… CWE-20
 Improper Input Validation  		CVE-2018-20662 cpe:2.3:o:redhat:enterprise_linux:8.0:* 2024-11-21 13:01
2019-01-3 		Show GitHub Exploit DB Packet Storm
1045 6.5
4.3 		MEDIUM
Network 		A reachable Object::dictLookup assertion in Poppler 0.72.0 allows attackers to cause a denial of service due to the lack of a check for the dict data type, as demonstrated by use of the FileSpec clas… CWE-20
 Improper Input Validation  		CVE-2018-20650 cpe:2.3:o:redhat:enterprise_linux:8.0:* 2024-11-21 13:01
2019-01-2 		Show GitHub Exploit DB Packet Storm
1046 8.0
6.7 		HIGH
Adjacent 		A flaw was found in the Linux kernel's NFS41+ subsystem. NFS41+ shares mounted in different network namespaces at the same time can make bc_svc_process() use wrong back-channel IDs and cause a use-af… - CVE-2018-16884 cpe:2.3:o:redhat:enterprise_linux:7.0:* 2024-11-21 12:53
2018-12-19 		Show GitHub Exploit DB Packet Storm
1047 9.8
7.5 		CRITICAL
Network 		Perl before 5.26.3 has a buffer overflow via a crafted regular expression that triggers invalid write operations. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2018-18314 cpe:2.3:o:redhat:enterprise_linux:7.6:*
cpe:2.3:o:redhat:enterprise_linux:7.5:*
cpe:2.3:o:redhat:enterprise_linux… 		2024-11-21 12:55
2018-12-8 		Show GitHub Exploit DB Packet Storm
1048 9.1
6.4 		CRITICAL
Network 		Perl before 5.26.3 has a buffer over-read via a crafted regular expression that triggers disclosure of sensitive information from process memory. CWE-125
Out-of-bounds Read 		CVE-2018-18313 cpe:2.3:o:redhat:enterprise_linux:7.6:*
cpe:2.3:o:redhat:enterprise_linux:7.5:*
cpe:2.3:o:redhat:enterprise_linux… 		2024-11-21 12:55
2018-12-8 		Show GitHub Exploit DB Packet Storm
1049 9.8
7.5 		CRITICAL
Network 		Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations. CWE-787
CWE-190
 Out-of-bounds Write
 Integer Overflow or Wraparound 		CVE-2018-18311 cpe:2.3:o:redhat:enterprise_linux:7.6:*
cpe:2.3:o:redhat:enterprise_linux:7.5:*
cpe:2.3:o:redhat:enterprise_linux… 		2024-11-21 12:55
2018-12-8 		Show GitHub Exploit DB Packet Storm
1050 9.8
7.5 		CRITICAL
Network 		Perl before 5.26.3 and 5.28.0 before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2018-18312 cpe:2.3:o:redhat:enterprise_linux:7.6:*
cpe:2.3:o:redhat:enterprise_linux:7.5:*
cpe:2.3:o:redhat:enterprise_linux… 		2024-11-21 12:55
2018-12-6 		Show GitHub Exploit DB Packet Storm