Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Red Hat Enterprise Linux Number Of NVD 1704 CRITICAL 140 HIGH 597 MEDIUM 814 LOW 152
URL https://www.redhat.com/technologies/linux-platforms/enterprise-linux
Explanation Full support is 5.5 years from release.
Maintenance support (security updates only) is for 3.5 years.
After that, extended support is available for a fee.
Tag
  • Linux
  • 商用ライセンス有り

Add Information URL
No Type Name URL
1 https://access.redhat.com/ja/articles/16476
2 https://access.redhat.com/support/policy/updates/errata
3 https://access.redhat.com/articles/3078
4 https://access.redhat.com/security
5 https://access.redhat.com/errata/#/?q=&p=1&sort=portal_publication_date%20desc&rows=10&portal_advisory_type=Security%20Advisory

List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support
Extended
for a fee
Critical High Medium Low
51 Red Hat Enterprise Linux 10.2 10.2 May 19, 2026 May 20, 2025 7 18 16 3
52 Red Hat Enterprise Linux 9 9.7 Nov. 11, 2025 May 17, 2022 9 134 183 18
53 Red Hat Enterprise Linux 8 8.10 May 22, 2024 May 7, 2019 May 30, 2029 48 321 454 51
54 Red Hat Enterprise Linux 7 7.9 Sept. 29, 2020 Dec. 11, 2013 Aug. 6, 2020 June 30, 2024 96 277 280 47
55 Red Hat Enterprise Linux 6 6.10 June 19, 2018 Nov. 9, 2010 May 10, 2022 Nov. 30, 2020 June 30, 2024 76 170 212 56
56 Red Hat Enterprise Linux 5 5.11 Sept. 16, 2014 March 15, 2007 March 31, 2017 Nov. 30, 2020 24 59 89 40
57 Red Hat Enterprise Linux 4 4.5 Feb. 29, 2012 March 31, 2017 5 30 29 16
58 Red Hat Enterprise Linux 3 3.0 0 33 44 17
59 Red Hat Enterprise Linux 2 2.1 Update 7 April 28, 2005 0 32 37 6
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2
Level
Attach Vector
Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date
Show Affected Exploit
PoC
Search
51 7.8
-
HIGH
Local
A heap overflow flaw was found in X.Org and Xwayland. The computation of the length in XkbSizeKeySyms() differs from what is written in XkbWriteKeySyms(), which may lead to a heap-based buffer overfl… - CVE-2025-26596 cpe:2.3:o:redhat:enterprise_linux:9.0:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*
cpe:2.3:o:redhat:enterprise_linux…
2025-03-10 22:15
2025-02-26
Show GitHub Exploit DB Packet Storm
52 7.8
-
HIGH
Local
A buffer overflow flaw was found in X.Org and Xwayland. The code in XkbVModMaskText() allocates a fixed-sized buffer on the stack and copies the names of the virtual modifiers to that buffer. The cod… - CVE-2025-26595 cpe:2.3:o:redhat:enterprise_linux:9.0:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*
cpe:2.3:o:redhat:enterprise_linux…
2025-03-10 22:15
2025-02-26
Show GitHub Exploit DB Packet Storm
53 7.8
-
HIGH
Local
A use-after-free flaw was found in X.Org and Xwayland. The root cursor is referenced in the X server as a global variable. If a client frees the root cursor, the internal reference points to freed me… - CVE-2025-26594 cpe:2.3:o:redhat:enterprise_linux:9.0:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*
cpe:2.3:o:redhat:enterprise_linux…
2025-03-10 22:15
2025-02-26
Show GitHub Exploit DB Packet Storm
54 6.8
-
MEDIUM
Network
A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occur… - CVE-2025-26465 cpe:2.3:o:redhat:enterprise_linux:9.0:* 2025-03-6 03:54
2025-02-19
Show GitHub Exploit DB Packet Storm
55 7.5
-
HIGH
Network
A flaw was found in rsync. When using the `--safe-links` option, the rsync client fails to properly verify if a symbolic link destination sent from the server contains another symbolic link within it… CWE-22
Path Traversal
CVE-2024-12088 cpe:2.3:o:redhat:enterprise_linux:9.0:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*
cpe:2.3:o:redhat:enterprise_linux…
2026-04-15 07:16
2025-01-15
Show GitHub Exploit DB Packet Storm
56 7.5
-
HIGH
Network
A path traversal vulnerability exists in rsync. It stems from behavior enabled by the `--inc-recursive` option, a default-enabled option for many client options and can be enabled by the server even … CWE-22
Path Traversal
CVE-2024-12087 cpe:2.3:o:redhat:enterprise_linux:9.0:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*
2026-04-15 07:16
2025-01-15
Show GitHub Exploit DB Packet Storm
57 6.8
-
MEDIUM
Network
A flaw was found in rsync. It could allow a server to enumerate the contents of an arbitrary file from the client's machine. This issue occurs when files are being copied from a client to a server. D… CWE-390
 Detection of Error Condition Without Action
CVE-2024-12086 cpe:2.3:o:redhat:enterprise_linux:9.0:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*
cpe:2.3:o:redhat:enterprise_linux…
2026-04-15 07:16
2025-01-15
Show GitHub Exploit DB Packet Storm
58 7.5
-
HIGH
Network
A flaw was found in rsync which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length (s2length) to cause a comparison between a checks… CWE-908
 Use of Uninitialized Resource
CVE-2024-12085 cpe:2.3:o:redhat:enterprise_linux:9.0:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*
2026-04-15 07:16
2025-01-15
Show GitHub Exploit DB Packet Storm
59 5.3
-
MEDIUM
Network
In mutt and neomutt, PGP encryption does not use the --hidden-recipient mode which may leak the Bcc email header field by inferring from the recipients info. NVD-CWE-noinfo
CVE-2024-49395 cpe:2.3:o:redhat:enterprise_linux:9.0:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*
2024-11-14 22:33
2024-11-12
Show GitHub Exploit DB Packet Storm
60 5.3
-
MEDIUM
Network
In mutt and neomutt the In-Reply-To email header field is not protected by cryptographic signing which allows an attacker to reuse an unencrypted but signed email message to impersonate the original … CWE-347
 Improper Verification of Cryptographic Signature
CVE-2024-49394 cpe:2.3:o:redhat:enterprise_linux:9.0:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*
2024-11-14 22:38
2024-11-12
Show GitHub Exploit DB Packet Storm