Software Detail

Software Informaton Top

Operating Systems

Software Detail

Red Hat Enterprise Linux

Number Of NVD

1680

CRITICAL

135

HIGH

590

MEDIUM

803

LOW

151

URL	https://www.redhat.com/technologies/linux-platforms/enterprise-linux
Explanation	Full support is 5.5 years from release. Maintenance support (security updates only) is for 3.5 years. After that, extended support is available for a fee.
Tag	Linux 商用ライセンス有り

Add Information URL

No	Type	Name	URL
1			https://access.redhat.com/ja/articles/16476
2			https://access.redhat.com/support/policy/updates/errata
3			https://access.redhat.com/articles/3078
4			https://access.redhat.com/security
5			https://access.redhat.com/errata/#/?q=&p=1&sort=portal_publication_date%20desc&rows=10&portal_advisory_type=Security%20Advisory

List Of Product [ Click to show release history and vulnerability information ]

No	Name	Latest Version	Release date	Initial release	Normal Support	Security Support Service Pack Support	Extended for a fee	Critical	High	Medium	Low
1261	Red Hat Enterprise Linux 9	9.7	Nov. 11, 2025	May 17, 2022				4	127	172	17
1262	Red Hat Enterprise Linux 8	8.10	May 22, 2024	May 7, 2019	May 30, 2029			43	314	444	50
1263	Red Hat Enterprise Linux 7	7.9	Sept. 29, 2020	Dec. 11, 2013	Aug. 6, 2020	June 30, 2024		91	270	270	46
1264	Red Hat Enterprise Linux 6	6.10	June 19, 2018	Nov. 9, 2010	May 10, 2022	Nov. 30, 2020	June 30, 2024	72	169	210	55
1265	Red Hat Enterprise Linux 5	5.11	Sept. 16, 2014	March 15, 2007	March 31, 2017		Nov. 30, 2020	24	59	89	40
1266	Red Hat Enterprise Linux 4	4.5			Feb. 29, 2012		March 31, 2017	5	30	29	16
1267	Red Hat Enterprise Linux 3	3.0						0	33	44	17
1268	Red Hat Enterprise Linux 2	2.1 Update 7	April 28, 2005					0	32	37	6

NVD Vulnerability Information

CRITICAL
HIGH
MEDIUM
LOW

No	CVSS3 CVSS2	Level Attach Vector	Title	CWE	CVE	cpe23Uri	Update date Published date	Show Affected	Exploit PoC Search
1261	7.5 5.0	HIGH Network	The rds_inc_info_copy function in net/rds/recv.c in the Linux kernel through 4.6.3 does not initialize a certain structure member, which allows remote attackers to obtain sensitive information from k…	CWE-200 Information Exposure	CVE-2016-5244	cpe:2.3:o:redhat:enterprise_linux:6.0:* cpe:2.3:o:redhat:enterprise_linux:5:*	2024-11-21 11:53 2016-06-27	Show	GitHub Exploit DB Packet Storm

1262	5.5 4.9	MEDIUM Local	The key_reject_and_link function in security/keys/key.c in the Linux kernel through 4.6.3 does not ensure that a certain data structure is initialized, which allows local users to cause a denial of s…	NVD-CWE-Other	CVE-2016-4470	cpe:2.3:o:redhat:enterprise_linux:6.0:*	2024-11-21 11:52 2016-06-27	Show	GitHub Exploit DB Packet Storm

1263	7.1 3.6	HIGH Local	SPICE allows local guest OS users to read from or write to arbitrary host memory locations via crafted primary surface parameters, a similar issue to CVE-2015-5261.	CWE-284 Improper Access Control	CVE-2016-2150	cpe:2.3:o:redhat:enterprise_linux:7.0:* cpe:2.3:o:redhat:enterprise_linux:7.0:* cpe:2.3:o:redhat:enterprise_linux…	2024-11-21 11:47 2016-06-10	Show	GitHub Exploit DB Packet Storm

1264	9.8 10.0	CRITICAL Network	The smartcard interaction in SPICE allows remote attackers to cause a denial of service (QEMU-KVM process crash) or possibly execute arbitrary code via vectors related to connecting to a guest VM, wh…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2016-0749	cpe:2.3:o:redhat:enterprise_linux:7.0:* cpe:2.3:o:redhat:enterprise_linux:7.0:* cpe:2.3:o:redhat:enterprise_linux…	2024-11-21 11:42 2016-06-10	Show	GitHub Exploit DB Packet Storm

1265	7.8 7.2	HIGH Local	Use-after-free vulnerability in drivers/net/ppp/ppp_generic.c in the Linux kernel before 4.5.2 allows local users to cause a denial of service (memory corruption and system crash, or spinlock) or pos…	CWE-416 Use After Free	CVE-2016-4805	cpe:2.3:o:redhat:enterprise_linux:7.0:* cpe:2.3:o:redhat:enterprise_linux:6.0:*	2024-11-21 11:53 2016-05-23	Show	GitHub Exploit DB Packet Storm

1266	7.5 5.0	HIGH Network	The php_pgsql_meta_data function in pgsql.c in the PostgreSQL (aka pgsql) extension in PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 does not validate token extraction for table nam…	NVD-CWE-Other	CVE-2015-4644	cpe:2.3:o:redhat:enterprise_linux:7.0:* cpe:2.3:o:redhat:enterprise_linux:6.0:*	2024-11-21 11:31 2016-05-16	Show	GitHub Exploit DB Packet Storm

1267	9.8 10.0	CRITICAL Network	The exception::getTraceAsString function in Zend/zend_exceptions.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to execute arbitrary code via an unexpecte…	NVD-CWE-Other	CVE-2015-4603	cpe:2.3:o:redhat:enterprise_linux:7.0:* cpe:2.3:o:redhat:enterprise_linux:6.0:*	2024-11-21 11:31 2016-05-16	Show	GitHub Exploit DB Packet Storm

1268	7.5 5.0	HIGH Network	The mcopy function in softmagic.c in file 5.x, as used in the Fileinfo component in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, does not properly restrict a certain offset value, …	CWE-20 Improper Input Validation	CVE-2015-4605	cpe:2.3:o:redhat:enterprise_linux:7.0:* cpe:2.3:o:redhat:enterprise_linux:6.0:*	2024-11-21 11:31 2016-05-16	Show	GitHub Exploit DB Packet Storm

1269	7.5 5.0	HIGH Network	The mget function in softmagic.c in file 5.x, as used in the Fileinfo component in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, does not properly maintain a certain pointer relatio…	CWE-20 Improper Input Validation	CVE-2015-4604	cpe:2.3:o:redhat:enterprise_linux:7.0:* cpe:2.3:o:redhat:enterprise_linux:6.0:*	2024-11-21 11:31 2016-05-16	Show	GitHub Exploit DB Packet Storm

1270	9.8 10.0	CRITICAL Network	The __PHP_Incomplete_Class function in ext/standard/incomplete_class.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to cause a denial of service (applicat…	NVD-CWE-Other	CVE-2015-4602	cpe:2.3:o:redhat:enterprise_linux:7.0:* cpe:2.3:o:redhat:enterprise_linux:6.0:*	2024-11-21 11:31 2016-05-16	Show	GitHub Exploit DB Packet Storm