Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Red Hat Enterprise Linux Number Of NVD 1680 CRITICAL 135 HIGH 590 MEDIUM 803 LOW 151
URL https://www.redhat.com/technologies/linux-platforms/enterprise-linux
Explanation Full support is 5.5 years from release.
Maintenance support (security updates only) is for 3.5 years.
After that, extended support is available for a fee.
Tag
  • Linux
  • 商用ライセンス有り
Add Information URL
No Type Name URL
1 https://access.redhat.com/ja/articles/16476
2 https://access.redhat.com/support/policy/updates/errata
3 https://access.redhat.com/articles/3078
4 https://access.redhat.com/security
5 https://access.redhat.com/errata/#/?q=&p=1&sort=portal_publication_date%20desc&rows=10&portal_advisory_type=Security%20Advisory
List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support		 Extended
for a fee		 Critical High Medium Low
1241 Red Hat Enterprise Linux 9 9.7 Nov. 11, 2025 May 17, 2022 4 127 172 17
1242 Red Hat Enterprise Linux 8 8.10 May 22, 2024 May 7, 2019 May 30, 2029 43 314 444 50
1243 Red Hat Enterprise Linux 7 7.9 Sept. 29, 2020 Dec. 11, 2013 Aug. 6, 2020 June 30, 2024 91 270 270 46
1244 Red Hat Enterprise Linux 6 6.10 June 19, 2018 Nov. 9, 2010 May 10, 2022 Nov. 30, 2020 June 30, 2024 72 169 210 55
1245 Red Hat Enterprise Linux 5 5.11 Sept. 16, 2014 March 15, 2007 March 31, 2017 Nov. 30, 2020 24 59 89 40
1246 Red Hat Enterprise Linux 4 4.5 Feb. 29, 2012 March 31, 2017 5 30 29 16
1247 Red Hat Enterprise Linux 3 3.0 0 33 44 17
1248 Red Hat Enterprise Linux 2 2.1 Update 7 April 28, 2005 0 32 37 6
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2		 Level
Attach Vector		 Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date		 Show Affected Exploit
PoC
Search
1241 8.8
9.3 		HIGH
Network 		Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the ConvolutionFilter class. Successful exploitation could lead to arbitrary code execution. CWE-787
 Out-of-bounds Write 		CVE-2017-3070 cpe:2.3:o:redhat:enterprise_linux:6.0:* 2024-11-21 12:24
2017-05-10 		Show GitHub Exploit DB Packet Storm
1242 8.8
9.3 		HIGH
Network 		Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the BlendMode class. Successful exploitation could lead to arbitrary code execution. CWE-787
 Out-of-bounds Write 		CVE-2017-3069 cpe:2.3:o:redhat:enterprise_linux:6.0:* 2024-11-21 12:24
2017-05-10 		Show GitHub Exploit DB Packet Storm
1243 8.8
9.3 		HIGH
Network 		Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the Advanced Video Coding engine. Successful exploitation could lead to arbitrary code execut… CWE-787
 Out-of-bounds Write 		CVE-2017-3068 cpe:2.3:o:redhat:enterprise_linux:6.0:* 2024-11-21 12:24
2017-05-10 		Show GitHub Exploit DB Packet Storm
1244 8.1
4.3 		HIGH
Network 		Session fixation vulnerability in pcsd in pcs before 0.9.157. CWE-384
 Session Fixation 		CVE-2016-0721 cpe:2.3:o:redhat:enterprise_linux:7.0:* 2024-11-21 11:42
2017-04-22 		Show GitHub Exploit DB Packet Storm
1245 8.8
6.8 		HIGH
Network 		Cross-site request forgery (CSRF) vulnerability in pcsd web UI in pcs before 0.9.149. CWE-352
 Origin Validation Error 		CVE-2016-0720 cpe:2.3:o:redhat:enterprise_linux:7.0:* 2024-11-21 11:42
2017-04-22 		Show GitHub Exploit DB Packet Storm
1246 9.8
7.5 		CRITICAL
Network 		In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that,… CWE-502
 Deserialization of Untrusted Data 		CVE-2017-5645 cpe:2.3:o:redhat:enterprise_linux:7.6:*
cpe:2.3:o:redhat:enterprise_linux:7.5:*
cpe:2.3:o:redhat:enterprise_linux… 		2024-11-21 12:28
2017-04-18 		Show GitHub Exploit DB Packet Storm
1247 7.5
7.8 		HIGH
Network 		Stack-based buffer overflow in native/mod_manager/node.c in mod_cluster 1.2.9. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2016-4459 cpe:2.3:o:redhat:enterprise_linux:6.0:* 2024-11-21 11:52
2017-04-13 		Show GitHub Exploit DB Packet Storm
1248 3.3
2.1 		LOW
Local 		Kernel Samepage Merging (KSM) in the Linux kernel 2.6.32 through 4.x does not prevent use of a write-timing side channel, which allows guest OS users to defeat the ASLR protection mechanism on other … CWE-200
Information Exposure 		CVE-2015-2877 cpe:2.3:o:redhat:enterprise_linux:7.0:*
cpe:2.3:o:redhat:enterprise_linux:6.0:*
cpe:2.3:o:redhat:enterprise_linux… 		2024-11-21 11:28
2017-03-3 		Show GitHub Exploit DB Packet Storm
1249 8.8
6.8 		HIGH
Network 		The cjpeg utility in libjpeg allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or execute arbitrary code via a crafted file. CWE-476
 NULL Pointer Dereference 		CVE-2016-3616 cpe:2.3:o:redhat:enterprise_linux:7.4:* 2024-11-21 11:50
2017-02-14 		Show GitHub Exploit DB Packet Storm
1250 7.8
4.4 		HIGH
Local 		pkexec, when used with --user nonpriv, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer. CWE-116
 Improper Encoding or Escaping of Output 		CVE-2016-2568 cpe:2.3:o:redhat:enterprise_linux:7.0:*
cpe:2.3:o:redhat:enterprise_linux:6.0:* 		2024-11-21 11:48
2017-02-14 		Show GitHub Exploit DB Packet Storm