Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Red Hat Enterprise Linux Number Of NVD 1680 CRITICAL 135 HIGH 590 MEDIUM 803 LOW 151
URL https://www.redhat.com/technologies/linux-platforms/enterprise-linux
Explanation Full support is 5.5 years from release.
Maintenance support (security updates only) is for 3.5 years.
After that, extended support is available for a fee.
Tag
  • Linux
  • 商用ライセンス有り
Add Information URL
No Type Name URL
1 https://access.redhat.com/ja/articles/16476
2 https://access.redhat.com/support/policy/updates/errata
3 https://access.redhat.com/articles/3078
4 https://access.redhat.com/security
5 https://access.redhat.com/errata/#/?q=&p=1&sort=portal_publication_date%20desc&rows=10&portal_advisory_type=Security%20Advisory
List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support		 Extended
for a fee		 Critical High Medium Low
721 Red Hat Enterprise Linux 9 9.7 Nov. 11, 2025 May 17, 2022 4 127 172 17
722 Red Hat Enterprise Linux 8 8.10 May 22, 2024 May 7, 2019 May 30, 2029 43 314 444 50
723 Red Hat Enterprise Linux 7 7.9 Sept. 29, 2020 Dec. 11, 2013 Aug. 6, 2020 June 30, 2024 91 270 270 46
724 Red Hat Enterprise Linux 6 6.10 June 19, 2018 Nov. 9, 2010 May 10, 2022 Nov. 30, 2020 June 30, 2024 72 169 210 55
725 Red Hat Enterprise Linux 5 5.11 Sept. 16, 2014 March 15, 2007 March 31, 2017 Nov. 30, 2020 24 59 89 40
726 Red Hat Enterprise Linux 4 4.5 Feb. 29, 2012 March 31, 2017 5 30 29 16
727 Red Hat Enterprise Linux 3 3.0 0 33 44 17
728 Red Hat Enterprise Linux 2 2.1 Update 7 April 28, 2005 0 32 37 6
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2		 Level
Attach Vector		 Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date		 Show Affected Exploit
PoC
Search
721 8.8
6.8 		HIGH
Network 		Out of bounds write in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CWE-787
 Out-of-bounds Write 		CVE-2019-13734 cpe:2.3:o:redhat:enterprise_linux:8.0:* 2024-11-21 13:25
2019-12-11 		Show GitHub Exploit DB Packet Storm
722 9.8
7.5 		CRITICAL
Network 		In all versions of libyang before 1.0-r5, a stack-based buffer overflow was discovered in the way libyang parses YANG files with a leaf of type "identityref". An application that uses libyang to pars… CWE-787
 Out-of-bounds Write 		CVE-2019-19334 cpe:2.3:o:redhat:enterprise_linux:8.0:* 2024-11-21 13:34
2019-12-7 		Show GitHub Exploit DB Packet Storm
723 9.8
7.5 		CRITICAL
Network 		In all versions of libyang before 1.0-r5, a stack-based buffer overflow was discovered in the way libyang parses YANG files with a leaf of type "bits". An application that uses libyang to parse untru… CWE-787
 Out-of-bounds Write 		CVE-2019-19333 cpe:2.3:o:redhat:enterprise_linux:8.0:* 2024-11-21 13:34
2019-12-7 		Show GitHub Exploit DB Packet Storm
724 6.5
6.4 		MEDIUM
Network 		An out-of-bounds read was discovered in OpenCV before 4.1.1. Specifically, variable coarsest_scale is assumed to be greater than or equal to finest_scale within the calc()/ocl_calc() functions in dis… CWE-125
Out-of-bounds Read 		CVE-2019-19624 cpe:2.3:o:redhat:enterprise_linux:8.0:* 2024-11-21 13:35
2019-12-7 		Show GitHub Exploit DB Packet Storm
725 6.5
2.9 		MEDIUM
Adjacent 		In FreeRADIUS 3.0 through 3.0.19, on average 1 in every 2048 EAP-pwd handshakes fails because the password element cannot be found within 10 iterations of the hunting and pecking loop. This leaks inf… CWE-203
 Information Exposure Through Discrepancy 		CVE-2019-13456 cpe:2.3:o:redhat:enterprise_linux:8.0:*
cpe:2.3:o:redhat:enterprise_linux:7.0:* 		2024-11-21 13:24
2019-12-4 		Show GitHub Exploit DB Packet Storm
726 4.7
3.3 		MEDIUM
Local 		shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees CWE-367
 Time-of-check Time-of-use (TOCTOU) Race Condition 		CVE-2013-4235 cpe:2.3:o:redhat:enterprise_linux:6.0:*
cpe:2.3:o:redhat:enterprise_linux:5:* 		2024-11-21 10:55
2019-12-4 		Show GitHub Exploit DB Packet Storm
727 6.5
4.4 		MEDIUM
Local 		In the Linux kernel before 5.2, a setxattr operation, after a mount of a crafted ext4 image, can cause a slab-out-of-bounds write access because of an ext4_xattr_set_entry use-after-free in fs/ext4/x… CWE-787
CWE-416
 Out-of-bounds Write
 Use After Free 		CVE-2019-19319 cpe:2.3:o:redhat:enterprise_linux:8.0:*
cpe:2.3:o:redhat:enterprise_linux:7.0:* 		2024-11-21 13:34
2019-11-28 		Show GitHub Exploit DB Packet Storm
728 4.7
1.9 		MEDIUM
Local 		The Linux kernel before 5.4.1 on powerpc allows Information Exposure because the Spectre-RSB mitigation is not in place for all applicable CPUs, aka CID-39e72bf96f58. This is related to arch/powerpc/… CWE-200
Information Exposure 		CVE-2019-18660 cpe:2.3:o:redhat:enterprise_linux:8.0:*
cpe:2.3:o:redhat:enterprise_linux:7.0:*
cpe:2.3:o:redhat:enterprise_linux… 		2024-11-21 13:33
2019-11-28 		Show GitHub Exploit DB Packet Storm
729 9.8
10.0 		CRITICAL
Network 		The DHCPv6 client (dhcp6c) as used in the dhcpv6 project through 2011-07-25 allows remote DHCP servers to execute arbitrary commands via shell metacharacters in a hostname obtained from a DHCP messag… CWE-74
Injection 		CVE-2011-2717 cpe:2.3:o:redhat:enterprise_linux:5.0:*
cpe:2.3:o:redhat:enterprise_linux:4.0:* 		2024-11-21 10:28
2019-11-28 		Show GitHub Exploit DB Packet Storm
730 5.3
5.0 		MEDIUM
Network 		dirmngr before 2.1.0 improperly handles certain system calls, which allows remote attackers to cause a denial of service (DOS) via a specially-crafted certificate. CWE-295
Improper Certificate Validation  		CVE-2011-2207 cpe:2.3:o:redhat:enterprise_linux:6.0:* 2024-11-21 10:27
2019-11-28 		Show GitHub Exploit DB Packet Storm