Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Red Hat Enterprise Linux Number Of NVD 1680 CRITICAL 135 HIGH 590 MEDIUM 803 LOW 151
URL https://www.redhat.com/technologies/linux-platforms/enterprise-linux
Explanation Full support is 5.5 years from release.
Maintenance support (security updates only) is for 3.5 years.
After that, extended support is available for a fee.
Tag
  • 商用ライセンス有り
  • Linux
Add Information URL
No Type Name URL
1 https://access.redhat.com/ja/articles/16476
2 https://access.redhat.com/support/policy/updates/errata
3 https://access.redhat.com/articles/3078
4 https://access.redhat.com/security
5 https://access.redhat.com/errata/#/?q=&p=1&sort=portal_publication_date%20desc&rows=10&portal_advisory_type=Security%20Advisory
List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support		 Extended
for a fee		 Critical High Medium Low
1051 Red Hat Enterprise Linux 9 9.7 Nov. 11, 2025 May 17, 2022 4 127 172 17
1052 Red Hat Enterprise Linux 8 8.10 May 22, 2024 May 7, 2019 May 30, 2029 43 314 444 50
1053 Red Hat Enterprise Linux 7 7.9 Sept. 29, 2020 Dec. 11, 2013 Aug. 6, 2020 June 30, 2024 91 270 270 46
1054 Red Hat Enterprise Linux 6 6.10 June 19, 2018 Nov. 9, 2010 May 10, 2022 Nov. 30, 2020 June 30, 2024 72 169 210 55
1055 Red Hat Enterprise Linux 5 5.11 Sept. 16, 2014 March 15, 2007 March 31, 2017 Nov. 30, 2020 24 59 89 40
1056 Red Hat Enterprise Linux 4 4.5 Feb. 29, 2012 March 31, 2017 5 30 29 16
1057 Red Hat Enterprise Linux 3 3.0 0 33 44 17
1058 Red Hat Enterprise Linux 2 2.1 Update 7 April 28, 2005 0 32 37 6
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2		 Level
Attach Vector		 Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date		 Show Affected Exploit
PoC
Search
1051 7.5
5.0 		HIGH
Network 		Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Denial of Service with large HTTP headers: By using a combination of many requests with maximum sized headers (almost 80 KB … CWE-400
 Uncontrolled Resource Consumption 		CVE-2018-12121 cpe:2.3:o:redhat:enterprise_linux:8.0:* 2024-11-21 12:44
2018-11-29 		Show GitHub Exploit DB Packet Storm
1052 5.5
2.1 		MEDIUM
Local 		A security flaw was found in the Linux kernel in a way that the cleancache subsystem clears an inode after the final file truncation (removal). The new file created with the same inode may contain le… CWE-200
Information Exposure 		CVE-2018-16862 cpe:2.3:o:redhat:enterprise_linux:7.0:* 2024-11-21 12:53
2018-11-27 		Show GitHub Exploit DB Packet Storm
1053 8.1
6.8 		HIGH
Network 		An issue was discovered in Ruby before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.2, and 2.6.x before 2.6.0-preview3. It does not taint strings that result from unpacking tainted strings with some f… NVD-CWE-noinfo
CVE-2018-16396 cpe:2.3:o:redhat:enterprise_linux:7.6:*
cpe:2.3:o:redhat:enterprise_linux:7.5:*
cpe:2.3:o:redhat:enterprise_linux… 		2024-11-21 12:52
2018-11-17 		Show GitHub Exploit DB Packet Storm
1054 9.8
7.5 		CRITICAL
Network 		An issue was discovered in the OpenSSL library in Ruby before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.2, and 2.6.x before 2.6.0-preview3. When two OpenSSL::X509::Name objects are compared using =… NVD-CWE-noinfo
CVE-2018-16395 cpe:2.3:o:redhat:enterprise_linux:7.4:* 2024-11-21 12:52
2018-11-17 		Show GitHub Exploit DB Packet Storm
1055 9.8
7.5 		CRITICAL
Network 		postgresql before versions 11.1, 10.6 is vulnerable to a to SQL injection in pg_upgrade and pg_dump via CREATE TRIGGER ... REFERENCING. Using a purpose-crafted trigger definition, an attacker can cau… CWE-89
SQL Injection 		CVE-2018-16850 cpe:2.3:o:redhat:enterprise_linux:7.6:*
cpe:2.3:o:redhat:enterprise_linux:7.5:*
cpe:2.3:o:redhat:enterprise_linux… 		2024-11-21 12:53
2018-11-14 		Show GitHub Exploit DB Packet Storm
1056 7.8
6.8 		HIGH
Local 		Netwide Assembler (NASM) 2.14rc16 has a heap-based buffer over-read in expand_mmac_params in asm/preproc.c for the special cases of the % and $ and ! characters. CWE-125
Out-of-bounds Read 		CVE-2018-19215 cpe:2.3:o:redhat:enterprise_linux:7.0:*
cpe:2.3:o:redhat:enterprise_linux:6.0:*
cpe:2.3:o:redhat:enterprise_linux… 		2024-11-21 12:57
2018-11-13 		Show GitHub Exploit DB Packet Storm
1057 7.8
6.8 		HIGH
Local 		Netwide Assembler (NASM) 2.14rc15 has a heap-based buffer over-read in expand_mmac_params in asm/preproc.c for insufficient input. CWE-125
Out-of-bounds Read 		CVE-2018-19214 cpe:2.3:o:redhat:enterprise_linux:7.0:*
cpe:2.3:o:redhat:enterprise_linux:6.0:*
cpe:2.3:o:redhat:enterprise_linux… 		2024-11-21 12:57
2018-11-13 		Show GitHub Exploit DB Packet Storm
1058 6.5
4.3 		MEDIUM
Network 		In libwpd 0.10.2, there is a NULL pointer dereference in the function WP6ContentListener::defineTable in WP6ContentListener.cpp that will lead to a denial of service attack. This is related to WPXTab… CWE-476
 NULL Pointer Dereference 		CVE-2018-19208 cpe:2.3:o:redhat:enterprise_linux:7.0:* 2024-11-21 12:57
2018-11-13 		Show GitHub Exploit DB Packet Storm
1059 9.8
7.5 		CRITICAL
Network 		The RichFaces Framework 3.X through 3.3.4 is vulnerable to Expression Language (EL) injection via the UserResource resource. A remote, unauthenticated attacker could exploit this to execute arbitrary… CWE-94
Code Injection 		CVE-2018-14667 cpe:2.3:o:redhat:enterprise_linux:6.0:*
cpe:2.3:o:redhat:enterprise_linux:5.0:* 		2024-11-21 12:49
2018-11-7 		Show GitHub Exploit DB Packet Storm
1060 6.5
4.3 		MEDIUM
Network 		An issue was discovered in Poppler 0.71.0. There is a memory leak in GfxColorSpace::setDisplayProfile in GfxState.cc, as demonstrated by pdftocairo. CWE-772
 Missing Release of Resource after Effective Lifetime 		CVE-2018-18897 cpe:2.3:o:redhat:enterprise_linux:8.0:* 2024-11-21 12:56
2018-11-2 		Show GitHub Exploit DB Packet Storm