Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Red Hat Enterprise Linux Number Of NVD 1711 CRITICAL 141 HIGH 603 MEDIUM 814 LOW 152
URL https://www.redhat.com/technologies/linux-platforms/enterprise-linux
Explanation Full support is 5.5 years from release.
Maintenance support (security updates only) is for 3.5 years.
After that, extended support is available for a fee.
Tag
  • 商用ライセンス有り
  • Linux

Add Information URL
No Type Name URL
1 https://access.redhat.com/ja/articles/16476
2 https://access.redhat.com/support/policy/updates/errata
3 https://access.redhat.com/articles/3078
4 https://access.redhat.com/security
5 https://access.redhat.com/errata/#/?q=&p=1&sort=portal_publication_date%20desc&rows=10&portal_advisory_type=Security%20Advisory

List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support
Extended
for a fee
Critical High Medium Low
1401 Red Hat Enterprise Linux 10.2 10.2 May 19, 2026 May 20, 2025 8 24 16 3
1402 Red Hat Enterprise Linux 9 9.7 Nov. 11, 2025 May 17, 2022 10 140 183 18
1403 Red Hat Enterprise Linux 8 8.10 May 22, 2024 May 7, 2019 May 30, 2029 49 327 454 51
1404 Red Hat Enterprise Linux 7 7.9 Sept. 29, 2020 Dec. 11, 2013 Aug. 6, 2020 June 30, 2024 97 283 280 47
1405 Red Hat Enterprise Linux 6 6.10 June 19, 2018 Nov. 9, 2010 May 10, 2022 Nov. 30, 2020 June 30, 2024 77 176 212 56
1406 Red Hat Enterprise Linux 5 5.11 Sept. 16, 2014 March 15, 2007 March 31, 2017 Nov. 30, 2020 24 59 89 40
1407 Red Hat Enterprise Linux 4 4.5 Feb. 29, 2012 March 31, 2017 5 30 29 16
1408 Red Hat Enterprise Linux 3 3.0 0 33 44 17
1409 Red Hat Enterprise Linux 2 2.1 Update 7 April 28, 2005 0 32 37 6
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2
Level
Attach Vector
Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date
Show Affected Exploit
PoC
Search
1401 -
4.3
MEDIUM The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h, when an anonymous ECDH cipher suite is used, allows remote attackers t… CWE-476
 NULL Pointer Dereference
CVE-2014-3470 cpe:2.3:o:redhat:enterprise_linux:6.0:*
cpe:2.3:o:redhat:enterprise_linux:5:*
2024-11-21 11:08
2014-06-6
Show GitHub Exploit DB Packet Storm
1402 7.4
5.8
HIGH
Network
OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict processing of ChangeCipherSpec messages, which allows man-in-the-middle attackers to trigger use of a z… CWE-326
Inadequate Encryption Strength
CVE-2014-0224 cpe:2.3:o:redhat:enterprise_linux:6.0:*
cpe:2.3:o:redhat:enterprise_linux:5:*
cpe:2.3:o:redhat:enterprise_linux:4…
2024-11-21 11:01
2014-06-6
Show GitHub Exploit DB Packet Storm
1403 -
4.3
MEDIUM The dtls1_get_message_fragment function in d1_both.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h allows remote attackers to cause a denial of service (recursion and client… NVD-CWE-noinfo
CVE-2014-0221 cpe:2.3:o:redhat:enterprise_linux:6.0:*
cpe:2.3:o:redhat:enterprise_linux:5:*
2024-11-21 11:01
2014-06-6
Show GitHub Exploit DB Packet Storm
1404 -
4.0
MEDIUM The Linux kernel through 3.14.5 does not properly consider the presence of hugetlb entries, which allows local users to cause a denial of service (memory corruption or system crash) by accessing cert… CWE-362
Race Condition
CVE-2014-3940 cpe:2.3:o:redhat:enterprise_linux:6.0:* 2024-11-21 11:09
2014-06-6
Show GitHub Exploit DB Packet Storm
1405 -
3.3
LOW kernel/auditsc.c in the Linux kernel through 3.14.5, when CONFIG_AUDITSYSCALL is enabled with certain syscall rules, allows local users to obtain potentially sensitive single-bit values from kernel m… CWE-200
Information Exposure
CVE-2014-3917 cpe:2.3:o:redhat:enterprise_linux:6.0:*
cpe:2.3:o:redhat:enterprise_linux:5:*
2024-11-21 11:09
2014-06-6
Show GitHub Exploit DB Packet Storm
1406 5.5
6.9
MEDIUM
Local
The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the "LECHO & !OPOST" case, which allows local users to cause a denial … CWE-362
Race Condition
CVE-2014-0196 cpe:2.3:o:redhat:enterprise_linux:6.0:* 2026-04-22 05:07
2014-05-7
Show GitHub Exploit DB Packet Storm
1407 -
4.9
MEDIUM Integer overflow in the virtio_net_handle_mac function in hw/net/virtio-net.c in QEMU 2.0 and earlier allows local guest users to execute arbitrary code via a MAC addresses table update request, whic… CWE-189
Numeric Errors
CVE-2014-0150 cpe:2.3:o:redhat:enterprise_linux:6.0:* 2024-11-21 11:01
2014-04-18
Show GitHub Exploit DB Packet Storm
1408 -
4.0
MEDIUM Buffer overflow in hw/scsi-disk.c in the SCSI subsystem in QEMU before 0.15.2, as used by Xen, might allow local guest users with permission to access the CD-ROM to cause a denial of service (guest c… CWE-119
Incorrect Access of Indexable Resource ('Range Error') 
CVE-2011-3346 cpe:2.3:o:redhat:enterprise_linux:5:* 2024-11-21 10:30
2014-04-1
Show GitHub Exploit DB Packet Storm
1409 -
3.7
LOW Luci in Red Hat Conga does not properly enforce the user session timeout, which might allow attackers to gain access to the session by reading the __ac session cookie. NOTE: this issue has been SPLI… CWE-264
Permissions, Privileges, and Access Controls
CVE-2013-7347 cpe:2.3:o:redhat:enterprise_linux:5:* 2024-11-21 11:00
2014-03-31
Show GitHub Exploit DB Packet Storm
1410 -
3.7
LOW Luci in Red Hat Conga stores the user's username and password in a Base64 encoded string in the __ac session cookie, which allows attackers to gain privileges by accessing this cookie. NOTE: this is… CWE-255
Credentials Management
CVE-2012-3359 cpe:2.3:o:redhat:enterprise_linux:5:* 2024-11-21 10:40
2014-03-31
Show GitHub Exploit DB Packet Storm