Software Detail

Software Informaton Top

Operating Systems

Software Detail

Red Hat Enterprise Linux

Number Of NVD

1680

CRITICAL

135

HIGH

590

MEDIUM

803

LOW

151

URL	https://www.redhat.com/technologies/linux-platforms/enterprise-linux
Explanation	Full support is 5.5 years from release. Maintenance support (security updates only) is for 3.5 years. After that, extended support is available for a fee.
Tag	Linux 商用ライセンス有り

Add Information URL

No	Type	Name	URL
1			https://access.redhat.com/ja/articles/16476
2			https://access.redhat.com/support/policy/updates/errata
3			https://access.redhat.com/articles/3078
4			https://access.redhat.com/security
5			https://access.redhat.com/errata/#/?q=&p=1&sort=portal_publication_date%20desc&rows=10&portal_advisory_type=Security%20Advisory

List Of Product [ Click to show release history and vulnerability information ]

No	Name	Latest Version	Release date	Initial release	Normal Support	Security Support Service Pack Support	Extended for a fee	Critical	High	Medium	Low
1361	Red Hat Enterprise Linux 9	9.7	Nov. 11, 2025	May 17, 2022				4	127	172	17
1362	Red Hat Enterprise Linux 8	8.10	May 22, 2024	May 7, 2019	May 30, 2029			43	314	444	50
1363	Red Hat Enterprise Linux 7	7.9	Sept. 29, 2020	Dec. 11, 2013	Aug. 6, 2020	June 30, 2024		91	270	270	46
1364	Red Hat Enterprise Linux 6	6.10	June 19, 2018	Nov. 9, 2010	May 10, 2022	Nov. 30, 2020	June 30, 2024	72	169	210	55
1365	Red Hat Enterprise Linux 5	5.11	Sept. 16, 2014	March 15, 2007	March 31, 2017		Nov. 30, 2020	24	59	89	40
1366	Red Hat Enterprise Linux 4	4.5			Feb. 29, 2012		March 31, 2017	5	30	29	16
1367	Red Hat Enterprise Linux 3	3.0						0	33	44	17
1368	Red Hat Enterprise Linux 2	2.1 Update 7	April 28, 2005					0	32	37	6

NVD Vulnerability Information

CRITICAL
HIGH
MEDIUM
LOW

No	CVSS3 CVSS2	Level Attach Vector	Title	CWE	CVE	cpe23Uri	Update date Published date	Show Affected	Exploit PoC Search
1361	9.8 10.0	CRITICAL Network	GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, a…	CWE-78 OS Command	CVE-2014-6271	cpe:2.3:o:redhat:enterprise_linux:7.0:* cpe:2.3:o:redhat:enterprise_linux:6.0:* cpe:2.3:o:redhat:enterprise_linux…	2026-04-23 01:07 2014-09-25	Show	GitHub Exploit DB Packet Storm

1362	- 5.0	MEDIUM	Red Hat Directory Server 8 and 389 Directory Server, when debugging is enabled, allows remote attackers to obtain sensitive replicated metadata by searching the directory.	CWE-200 Information Exposure	CVE-2014-3562	cpe:2.3:o:redhat:enterprise_linux:7.0:* cpe:2.3:o:redhat:enterprise_linux:6.0:*	2024-11-21 11:08 2014-08-21	Show	GitHub Exploit DB Packet Storm

1363	- 7.9	HIGH	NetBIOS name services daemon (nmbd) in Samba 4.0.x before 4.0.21 and 4.1.x before 4.1.11 allows remote attackers to execute arbitrary code via unspecified vectors that modify heap memory, involving a…	CWE-94 Code Injection	CVE-2014-3560	cpe:2.3:o:redhat:enterprise_linux:7.0:* cpe:2.3:o:redhat:enterprise_linux:6.0:*	2024-11-21 11:08 2014-08-7	Show	GitHub Exploit DB Packet Storm

1364	- 1.2	LOW	libvirt 1.0.0 through 1.2.x before 1.2.5, when fine grained access control is enabled, allows local users to read arbitrary files via a crafted XML document containing an XML external entity declarat…	CWE-20 Improper Input Validation	CVE-2014-5177	cpe:2.3:o:redhat:enterprise_linux:6.0:*	2024-11-21 11:11 2014-08-4	Show	GitHub Exploit DB Packet Storm

1365	- 1.9	LOW	libvirt 0.7.5 through 1.2.x before 1.2.5 allows local users to cause a denial of service (read block and hang) via a crafted XML document containing an XML external entity declaration in conjunction …	CWE-20 Improper Input Validation	CVE-2014-0179	cpe:2.3:o:redhat:enterprise_linux:6.0:*	2024-11-21 11:01 2014-08-4	Show	GitHub Exploit DB Packet Storm

1366	- 9.3	HIGH	Unspecified vulnerability in the Java SE component in Oracle Java SE Java SE 7u60 and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors rela…	NVD-CWE-noinfo	CVE-2014-2483	cpe:2.3:o:redhat:enterprise_linux:7.0:* cpe:2.3:o:redhat:enterprise_linux:6.0:* cpe:2.3:o:redhat:enterprise_linux…	2024-11-21 11:06 2014-07-17	Show	GitHub Exploit DB Packet Storm

1367	- 2.3	LOW	The rd_build_device_space function in drivers/target/target_core_rd.c in the Linux kernel before 3.14 does not properly initialize a certain data structure, which allows local users to obtain sensiti…	CWE-200 Information Exposure	CVE-2014-4027	cpe:2.3:o:redhat:enterprise_linux:6.0:*	2024-11-21 11:09 2014-06-23	Show	GitHub Exploit DB Packet Storm

1368	- 5.0	MEDIUM	A certain tomcat7 package for Apache Tomcat 7 in Red Hat Enterprise Linux (RHEL) 7 allows remote attackers to cause a denial of service (CPU consumption) via a crafted request. NOTE: this vulnerabil…	NVD-CWE-Other	CVE-2014-0186	cpe:2.3:o:redhat:enterprise_linux:7.0:*	2024-11-21 11:01 2014-06-14	Show	GitHub Exploit DB Packet Storm

1369	- 3.3	LOW	The System Security Services Daemon (SSSD) 1.11.6 does not properly identify group membership when a non-POSIX group is in a group membership chain, which allows local users to bypass access restrict…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2014-0249	cpe:2.3:o:redhat:enterprise_linux:6.0:* cpe:2.3:o:redhat:enterprise_linux:5:*	2024-11-21 11:01 2014-06-11	Show	GitHub Exploit DB Packet Storm

1370	- 4.3	MEDIUM	The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h, when an anonymous ECDH cipher suite is used, allows remote attackers t…	CWE-476 NULL Pointer Dereference	CVE-2014-3470	cpe:2.3:o:redhat:enterprise_linux:6.0:* cpe:2.3:o:redhat:enterprise_linux:5:*	2024-11-21 11:08 2014-06-6	Show	GitHub Exploit DB Packet Storm