Software Detail

Software Informaton Top

Operating Systems

Software Detail

Red Hat Enterprise Linux

Number Of NVD

1680

CRITICAL

135

HIGH

590

MEDIUM

803

LOW

151

URL	https://www.redhat.com/technologies/linux-platforms/enterprise-linux
Explanation	Full support is 5.5 years from release. Maintenance support (security updates only) is for 3.5 years. After that, extended support is available for a fee.
Tag	Linux 商用ライセンス有り

Add Information URL

No	Type	Name	URL
1			https://access.redhat.com/ja/articles/16476
2			https://access.redhat.com/support/policy/updates/errata
3			https://access.redhat.com/articles/3078
4			https://access.redhat.com/security
5			https://access.redhat.com/errata/#/?q=&p=1&sort=portal_publication_date%20desc&rows=10&portal_advisory_type=Security%20Advisory

List Of Product [ Click to show release history and vulnerability information ]

No	Name	Latest Version	Release date	Initial release	Normal Support	Security Support Service Pack Support	Extended for a fee	Critical	High	Medium	Low
1191	Red Hat Enterprise Linux 9	9.7	Nov. 11, 2025	May 17, 2022				4	127	172	17
1192	Red Hat Enterprise Linux 8	8.10	May 22, 2024	May 7, 2019	May 30, 2029			43	314	444	50
1193	Red Hat Enterprise Linux 7	7.9	Sept. 29, 2020	Dec. 11, 2013	Aug. 6, 2020	June 30, 2024		91	270	270	46
1194	Red Hat Enterprise Linux 6	6.10	June 19, 2018	Nov. 9, 2010	May 10, 2022	Nov. 30, 2020	June 30, 2024	72	169	210	55
1195	Red Hat Enterprise Linux 5	5.11	Sept. 16, 2014	March 15, 2007	March 31, 2017		Nov. 30, 2020	24	59	89	40
1196	Red Hat Enterprise Linux 4	4.5			Feb. 29, 2012		March 31, 2017	5	30	29	16
1197	Red Hat Enterprise Linux 3	3.0						0	33	44	17
1198	Red Hat Enterprise Linux 2	2.1 Update 7	April 28, 2005					0	32	37	6

NVD Vulnerability Information

CRITICAL
HIGH
MEDIUM
LOW

No	CVSS3 CVSS2	Level Attach Vector	Title	CWE	CVE	cpe23Uri	Update date Published date	Show Affected	Exploit PoC Search
1191	7.5 5.0	HIGH Network	389-ds-base before version 1.3.6 is vulnerable to an improperly NULL terminated array in the uniqueness_entry_to_config() function in the "attribute uniqueness" plugin of 389 Directory Server. An aut…	CWE-125 Out-of-bounds Read	CVE-2017-2591	cpe:2.3:o:redhat:enterprise_linux:7.0:*	2024-11-21 12:23 2018-04-30	Show	GitHub Exploit DB Packet Storm

1192	7.5 5.0	HIGH Network	bark_noise_hybridmp in psy.c in Xiph.Org libvorbis 1.3.6 has a stack-based buffer over-read.	CWE-125 Out-of-bounds Read	CVE-2018-10393	cpe:2.3:o:redhat:enterprise_linux:8.0:*	2024-11-21 12:41 2018-04-26	Show	GitHub Exploit DB Packet Storm

1193	8.8 6.8	HIGH Network	mapping0_forward in mapping0.c in Xiph.Org libvorbis 1.3.6 does not validate the number of channels, which allows remote attackers to cause a denial of service (heap-based buffer overflow or over-rea…	CWE-125 CWE-787 Out-of-bounds Read Out-of-bounds Write	CVE-2018-10392	cpe:2.3:o:redhat:enterprise_linux:8.0:*	2024-11-21 12:41 2018-04-26	Show	GitHub Exploit DB Packet Storm

1194	6.1 2.9	MEDIUM Adjacent	The DPDK vhost-user interface does not check to verify that all the requested guest physical range is mapped and contiguous when performing Guest Physical Addresses to Host Virtual Addresses translat…	CWE-200 Information Exposure	CVE-2018-1059	cpe:2.3:o:redhat:enterprise_linux:7.0:*	2024-11-21 12:59 2018-04-25	Show	GitHub Exploit DB Packet Storm

1195	6.5 4.0	MEDIUM Network	pcs before version 0.9.164 and 0.10 is vulnerable to a privilege escalation via authorized user malicious REST call. The REST interface of the pcsd service did not properly sanitize the file name fro…	CWE-22 Path Traversal	CVE-2018-1079	cpe:2.3:o:redhat:enterprise_linux:7.5:* cpe:2.3:o:redhat:enterprise_linux:7.0:*	2024-11-21 12:59 2018-04-13	Show	GitHub Exploit DB Packet Storm

1196	7.5 5.0	HIGH Network	In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1, an attacker controlling the unpacking format (similar to format string vulnerabilities) can trig…	CWE-134 Use of Externally-Controlled Format String	CVE-2018-8778	cpe:2.3:o:redhat:enterprise_linux:7.6:* cpe:2.3:o:redhat:enterprise_linux:7.5:* cpe:2.3:o:redhat:enterprise_linux…	2024-11-21 13:14 2018-04-4	Show	GitHub Exploit DB Packet Storm

1197	7.5 5.0	HIGH Network	In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1, an attacker can pass a large HTTP request with a crafted header to WEBrick server or a crafted b…	CWE-400 Uncontrolled Resource Consumption	CVE-2018-8777	cpe:2.3:o:redhat:enterprise_linux:7.6:* cpe:2.3:o:redhat:enterprise_linux:7.5:* cpe:2.3:o:redhat:enterprise_linux…	2024-11-21 13:14 2018-04-4	Show	GitHub Exploit DB Packet Storm

1198	7.5 5.0	HIGH Network	Directory traversal vulnerability in the Dir.mktmpdir method in the tmpdir library in Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1 might allow at…	CWE-22 Path Traversal	CVE-2018-6914	cpe:2.3:o:redhat:enterprise_linux:7.6:* cpe:2.3:o:redhat:enterprise_linux:7.5:* cpe:2.3:o:redhat:enterprise_linux…	2024-11-21 13:11 2018-04-4	Show	GitHub Exploit DB Packet Storm

1199	5.9 4.3	MEDIUM Network	A specially crafted request could have crashed the Apache HTTP Server prior to version 2.4.30, due to an out of bound access after a size limit is reached by reading the HTTP header. This vulnerabili…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2018-1301	cpe:2.3:o:redhat:enterprise_linux:7.6:* cpe:2.3:o:redhat:enterprise_linux:7.5:* cpe:2.3:o:redhat:enterprise_linux…	2024-11-21 12:59 2018-03-27	Show	GitHub Exploit DB Packet Storm

1200	5.3 3.5	MEDIUM Network	In Apache httpd 2.4.0 to 2.4.29, when mod_session is configured to forward its session data to CGI applications (SessionEnv on, not the default), a remote user may influence their content by using a …	NVD-CWE-noinfo	CVE-2018-1283	cpe:2.3:o:redhat:enterprise_linux:7.6:* cpe:2.3:o:redhat:enterprise_linux:7.5:* cpe:2.3:o:redhat:enterprise_linux…	2024-11-21 12:59 2018-03-27	Show	GitHub Exploit DB Packet Storm