Software Detail

Software Informaton Top

Operating Systems

Software Detail

Red Hat Enterprise Linux

Number Of NVD

1680

CRITICAL

135

HIGH

590

MEDIUM

803

LOW

151

URL	https://www.redhat.com/technologies/linux-platforms/enterprise-linux
Explanation	Full support is 5.5 years from release. Maintenance support (security updates only) is for 3.5 years. After that, extended support is available for a fee.
Tag	商用ライセンス有り Linux

Add Information URL

No	Type	Name	URL
1			https://access.redhat.com/ja/articles/16476
2			https://access.redhat.com/support/policy/updates/errata
3			https://access.redhat.com/articles/3078
4			https://access.redhat.com/security
5			https://access.redhat.com/errata/#/?q=&p=1&sort=portal_publication_date%20desc&rows=10&portal_advisory_type=Security%20Advisory

List Of Product [ Click to show release history and vulnerability information ]

No	Name	Latest Version	Release date	Initial release	Normal Support	Security Support Service Pack Support	Extended for a fee	Critical	High	Medium	Low
1441	Red Hat Enterprise Linux 9	9.7	Nov. 11, 2025	May 17, 2022				4	127	172	17
1442	Red Hat Enterprise Linux 8	8.10	May 22, 2024	May 7, 2019	May 30, 2029			43	314	444	50
1443	Red Hat Enterprise Linux 7	7.9	Sept. 29, 2020	Dec. 11, 2013	Aug. 6, 2020	June 30, 2024		91	270	270	46
1444	Red Hat Enterprise Linux 6	6.10	June 19, 2018	Nov. 9, 2010	May 10, 2022	Nov. 30, 2020	June 30, 2024	72	169	210	55
1445	Red Hat Enterprise Linux 5	5.11	Sept. 16, 2014	March 15, 2007	March 31, 2017		Nov. 30, 2020	24	59	89	40
1446	Red Hat Enterprise Linux 4	4.5			Feb. 29, 2012		March 31, 2017	5	30	29	16
1447	Red Hat Enterprise Linux 3	3.0						0	33	44	17
1448	Red Hat Enterprise Linux 2	2.1 Update 7	April 28, 2005					0	32	37	6

NVD Vulnerability Information

CRITICAL
HIGH
MEDIUM
LOW

No	CVSS3 CVSS2	Level Attach Vector	Title	CWE	CVE	cpe23Uri	Update date Published date	Show Affected	Exploit PoC Search
1441	- 4.3	MEDIUM	The sanitize_css method in lib/action_controller/vendor/html-scanner/html/sanitizer.rb in the Action Pack component in Ruby on Rails before 2.3.18, 3.0.x and 3.1.x before 3.1.12, and 3.2.x before 3.2…	CWE-79 Cross-site Scripting	CVE-2013-1855	cpe:2.3:o:redhat:enterprise_linux:6.0:*	2024-11-21 10:50 2013-03-20	Show	GitHub Exploit DB Packet Storm

1442	- 5.0	MEDIUM	The Active Record component in Ruby on Rails 2.3.x before 2.3.18, 3.1.x before 3.1.12, and 3.2.x before 3.2.13 processes certain queries by converting hash keys to symbols, which allows remote attack…	CWE-20 Improper Input Validation	CVE-2013-1854	cpe:2.3:o:redhat:enterprise_linux:6.0:*	2024-11-21 10:50 2013-03-20	Show	GitHub Exploit DB Packet Storm

1443	- 1.9	LOW	The udf_encode_fh function in fs/udf/namei.c in the Linux kernel before 3.6 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap m…	CWE-200 Information Exposure	CVE-2012-6548	cpe:2.3:o:redhat:enterprise_linux:6.0:*	2024-11-21 10:46 2013-03-16	Show	GitHub Exploit DB Packet Storm

1444	- 1.9	LOW	The ATM implementation in the Linux kernel before 3.6 does not initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a crafted applicati…	CWE-200 Information Exposure	CVE-2012-6546	cpe:2.3:o:redhat:enterprise_linux:6.0:* cpe:2.3:o:redhat:enterprise_linux:5:*	2024-11-21 10:46 2013-03-16	Show	GitHub Exploit DB Packet Storm

1445	- 1.9	LOW	The Bluetooth RFCOMM implementation in the Linux kernel before 3.6 does not properly initialize certain structures, which allows local users to obtain sensitive information from kernel memory via a c…	CWE-200 Information Exposure	CVE-2012-6545	cpe:2.3:o:redhat:enterprise_linux:6.0:* cpe:2.3:o:redhat:enterprise_linux:5:*	2024-11-21 10:46 2013-03-16	Show	GitHub Exploit DB Packet Storm

1446	- 1.9	LOW	The Bluetooth protocol stack in the Linux kernel before 3.6 does not properly initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a cr…	CWE-200 Information Exposure	CVE-2012-6544	cpe:2.3:o:redhat:enterprise_linux:6.0:* cpe:2.3:o:redhat:enterprise_linux:5:*	2024-11-21 10:46 2013-03-16	Show	GitHub Exploit DB Packet Storm

1447	- 1.9	LOW	The llc_ui_getname function in net/llc/af_llc.c in the Linux kernel before 3.6 has an incorrect return value in certain circumstances, which allows local users to obtain sensitive information from ke…	CWE-200 Information Exposure	CVE-2012-6542	cpe:2.3:o:redhat:enterprise_linux:6.0:* cpe:2.3:o:redhat:enterprise_linux:5:*	2024-11-21 10:46 2013-03-16	Show	GitHub Exploit DB Packet Storm

1448	- 1.9	LOW	The copy_to_user_auth function in net/xfrm/xfrm_user.c in the Linux kernel before 3.6 uses an incorrect C library function for copying a string, which allows local users to obtain sensitive informati…	CWE-200 Information Exposure	CVE-2012-6538	cpe:2.3:o:redhat:enterprise_linux:6.0:*	2024-11-21 10:46 2013-03-16	Show	GitHub Exploit DB Packet Storm

1449	- 1.9	LOW	net/xfrm/xfrm_user.c in the Linux kernel before 3.6 does not initialize certain structures, which allows local users to obtain sensitive information from kernel memory by leveraging the CAP_NET_ADMIN…	CWE-200 Information Exposure	CVE-2012-6537	cpe:2.3:o:redhat:enterprise_linux:6.0:* cpe:2.3:o:redhat:enterprise_linux:5:*	2024-11-21 10:46 2013-03-16	Show	GitHub Exploit DB Packet Storm

1450	- 1.9	LOW	HP Linux Imaging and Printing (HPLIP) through 3.12.4 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/hpcupsfilterc_#.bmp, (2) /tmp/hpcupsfilterk_#.bmp, (3) /tmp/h…	CWE-59 Link Following	CVE-2013-0200	cpe:2.3:o:redhat:enterprise_linux:6.0:*	2024-11-21 10:47 2013-03-7	Show	GitHub Exploit DB Packet Storm