Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Red Hat Enterprise Linux Number Of NVD 1680 CRITICAL 135 HIGH 590 MEDIUM 803 LOW 151
URL https://www.redhat.com/technologies/linux-platforms/enterprise-linux
Explanation Full support is 5.5 years from release.
Maintenance support (security updates only) is for 3.5 years.
After that, extended support is available for a fee.
Tag
  • Linux
  • 商用ライセンス有り
Add Information URL
No Type Name URL
1 https://access.redhat.com/ja/articles/16476
2 https://access.redhat.com/support/policy/updates/errata
3 https://access.redhat.com/articles/3078
4 https://access.redhat.com/security
5 https://access.redhat.com/errata/#/?q=&p=1&sort=portal_publication_date%20desc&rows=10&portal_advisory_type=Security%20Advisory
List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support		 Extended
for a fee		 Critical High Medium Low
671 Red Hat Enterprise Linux 9 9.7 Nov. 11, 2025 May 17, 2022 4 127 172 17
672 Red Hat Enterprise Linux 8 8.10 May 22, 2024 May 7, 2019 May 30, 2029 43 314 444 50
673 Red Hat Enterprise Linux 7 7.9 Sept. 29, 2020 Dec. 11, 2013 Aug. 6, 2020 June 30, 2024 91 270 270 46
674 Red Hat Enterprise Linux 6 6.10 June 19, 2018 Nov. 9, 2010 May 10, 2022 Nov. 30, 2020 June 30, 2024 72 169 210 55
675 Red Hat Enterprise Linux 5 5.11 Sept. 16, 2014 March 15, 2007 March 31, 2017 Nov. 30, 2020 24 59 89 40
676 Red Hat Enterprise Linux 4 4.5 Feb. 29, 2012 March 31, 2017 5 30 29 16
677 Red Hat Enterprise Linux 3 3.0 0 33 44 17
678 Red Hat Enterprise Linux 2 2.1 Update 7 April 28, 2005 0 32 37 6
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2		 Level
Attach Vector		 Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date		 Show Affected Exploit
PoC
Search
671 5.5
2.1 		MEDIUM
Local 		An issue was discovered in the Linux kernel before 5.2 on the powerpc platform. arch/powerpc/kernel/idle_book3s.S does not have save/restore functionality for PNV_POWERSAVE_AMR, PNV_POWERSAVE_UAMOR, … NVD-CWE-noinfo
CVE-2020-11669 cpe:2.3:o:redhat:enterprise_linux:7.0:* 2024-11-21 13:58
2020-04-11 		Show GitHub Exploit DB Packet Storm
672 6.8
2.3 		MEDIUM
Adjacent 		A flaw was discovered in the way that the KVM hypervisor handled instruction emulation for an L2 guest when nested virtualisation is enabled. Under some circumstances, an L2 guest may trick the L0 gu… CWE-200
Information Exposure 		CVE-2020-2732 cpe:2.3:o:redhat:enterprise_linux:8.0:*
cpe:2.3:o:redhat:enterprise_linux:7.0:* 		2024-11-21 14:26
2020-04-9 		Show GitHub Exploit DB Packet Storm
673 8.8
9.3 		HIGH
Network 		A path traversal flaw was found in Buildah in versions before 1.14.5. This flaw allows an attacker to trick a user into building a malicious container image hosted on an HTTP(s) server and then write… CWE-22
Path Traversal 		CVE-2020-10696 cpe:2.3:o:redhat:enterprise_linux:8.0:*
cpe:2.3:o:redhat:enterprise_linux:7.0:* 		2024-11-21 13:55
2020-04-1 		Show GitHub Exploit DB Packet Storm
674 7.8
4.6 		HIGH
Local 		A heap use-after-free vulnerability was found in systemd before version v245-rc1, where asynchronous Polkit queries are performed while handling dbus messages. A local unprivileged attacker can abuse… CWE-416
 Use After Free 		CVE-2020-1712 cpe:2.3:o:redhat:enterprise_linux:8.0:* 2024-11-21 14:11
2020-04-1 		Show GitHub Exploit DB Packet Storm
675 6.1
4.3 		MEDIUM
Network 		A Reflected Cross Site Scripting vulnerability was found in all pki-core 10.x.x versions, where the pki-ca module from the pki-core server. This flaw is caused by missing sanitization of the GET URL … CWE-79
Cross-site Scripting 		CVE-2019-10221 cpe:2.3:o:redhat:enterprise_linux:8.0:*
cpe:2.3:o:redhat:enterprise_linux:7.0:* 		2024-11-21 13:18
2020-03-21 		Show GitHub Exploit DB Packet Storm
676 6.1
4.3 		MEDIUM
Network 		A vulnerability was found in all pki-core 10.x.x versions, where the Key Recovery Authority (KRA) Agent Service did not properly sanitize recovery request search page, enabling a Reflected Cross Site… - CVE-2019-10179 cpe:2.3:o:redhat:enterprise_linux:8.0:*
cpe:2.3:o:redhat:enterprise_linux:7.0:* 		2024-11-21 13:18
2020-03-21 		Show GitHub Exploit DB Packet Storm
677 4.7
2.6 		MEDIUM
Network 		A Reflected Cross Site Scripting flaw was found in all pki-core 10.x.x versions module from the pki-core server due to the CA Agent Service not properly sanitizing the certificate request page. An at… - CVE-2019-10146 cpe:2.3:o:redhat:enterprise_linux:7.0:* 2024-11-21 13:18
2020-03-19 		Show GitHub Exploit DB Packet Storm
678 6.5
3.5 		MEDIUM
Network 		A flaw was found in PostgreSQL's "ALTER ... DEPENDS ON EXTENSION", where sub-commands did not perform authorization checks. An authenticated attacker could use this flaw in certain configurations to … CWE-862
 Missing Authorization 		CVE-2020-1720 cpe:2.3:o:redhat:enterprise_linux:8.0:* 2024-11-21 14:11
2020-03-18 		Show GitHub Exploit DB Packet Storm
679 9.8
7.5 		CRITICAL
Network 		The CGIHTTPServer module in Python 2.7.5 and 3.3.4 does not properly handle URLs in which URL encoding is used for path separators, which allows remote attackers to read script source code or conduct… CWE-22
Path Traversal 		CVE-2014-4650 cpe:2.3:o:redhat:enterprise_linux:7.0:*
cpe:2.3:o:redhat:enterprise_linux:6.0:*
cpe:2.3:o:redhat:enterprise_linux… 		2024-11-21 11:10
2020-02-21 		Show GitHub Exploit DB Packet Storm
680 9.8
7.5 		CRITICAL
Network 		SQL injection vulnerability in Zend Framework before 1.12.9, 2.2.x before 2.2.8, and 2.3.x before 2.3.3, when using the sqlsrv PHP extension, allows remote attackers to execute arbitrary SQL commands… CWE-89
SQL Injection 		CVE-2014-8089 cpe:2.3:o:redhat:enterprise_linux:7.0:*
cpe:2.3:o:redhat:enterprise_linux:6.0:* 		2024-11-21 11:18
2020-02-18 		Show GitHub Exploit DB Packet Storm