| Red Hat Enterprise Linux | Number Of NVD | 1680 | CRITICAL | 135 | HIGH | 590 | MEDIUM | 803 | LOW | 151 |
| URL | https://www.redhat.com/technologies/linux-platforms/enterprise-linux | ||||||||
|---|---|---|---|---|---|---|---|---|---|
| Explanation | Full support is 5.5 years from release. Maintenance support (security updates only) is for 3.5 years. After that, extended support is available for a fee. |
||||||||
| Tag | |||||||||
| No | Type | Name | URL |
|---|---|---|---|
| 1 | https://access.redhat.com/ja/articles/16476 | ||
| 2 | https://access.redhat.com/support/policy/updates/errata | ||
| 3 | https://access.redhat.com/articles/3078 | ||
| 4 | https://access.redhat.com/security | ||
| 5 | https://access.redhat.com/errata/#/?q=&p=1&sort=portal_publication_date%20desc&rows=10&portal_advisory_type=Security%20Advisory |
| No | Name | Latest Version | Release date | Initial release | Normal Support | Security Support Service Pack Support |
Extended for a fee |
Critical | High | Medium | Low |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 761 | Red Hat Enterprise Linux 9 | 9.7 | Nov. 11, 2025 | May 17, 2022 | 4 | 127 | 172 | 17 | |||
| 762 | Red Hat Enterprise Linux 8 | 8.10 | May 22, 2024 | May 7, 2019 | May 30, 2029 | 43 | 314 | 444 | 50 | ||
| 763 | Red Hat Enterprise Linux 7 | 7.9 | Sept. 29, 2020 | Dec. 11, 2013 | Aug. 6, 2020 | June 30, 2024 | 91 | 270 | 270 | 46 | |
| 764 | Red Hat Enterprise Linux 6 | 6.10 | June 19, 2018 | Nov. 9, 2010 | May 10, 2022 | Nov. 30, 2020 | June 30, 2024 | 72 | 169 | 210 | 55 |
| 765 | Red Hat Enterprise Linux 5 | 5.11 | Sept. 16, 2014 | March 15, 2007 | March 31, 2017 | Nov. 30, 2020 | 24 | 59 | 89 | 40 | |
| 766 | Red Hat Enterprise Linux 4 | 4.5 | Feb. 29, 2012 | March 31, 2017 | 5 | 30 | 29 | 16 | |||
| 767 | Red Hat Enterprise Linux 3 | 3.0 | 0 | 33 | 44 | 17 | |||||
| 768 | Red Hat Enterprise Linux 2 | 2.1 Update 7 | April 28, 2005 | 0 | 32 | 37 | 6 |
| No | CVSS3 CVSS2 |
Level Attach Vector |
Title | CWE | CVE | cpe23Uri | or higher | or less | more than | less than | Update date Published date |
Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 761 |
7.5 5.0 |
HIGH
Network |
A Null pointer dereference vulnerability exists in Mozilla Network Security Services due to a missing NULL check in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime, which could let a remote m… |
CWE-476
NULL Pointer Dereference |
CVE-2016-5285 |
cpe:2.3:o:redhat:enterprise_linux:7.0:* cpe:2.3:o:redhat:enterprise_linux:6.0:* cpe:2.3:o:redhat:enterprise_linux… |
2024-11-21 11:53 2019-11-16 |
Show | GitHub Exploit DB Packet Storm | ||||
| 762 |
6.5 2.1 |
MEDIUM
Local |
TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. |
NVD-CWE-noinfo
|
CVE-2019-11135 | cpe:2.3:o:redhat:enterprise_linux:8.0:* |
2024-11-21 13:20 2019-11-15 |
Show | GitHub Exploit DB Packet Storm | ||||
| 763 |
8.2 6.4 |
HIGH
Network |
Moodle before 2.2.2 has a password and web services issue where when the user profile is updated the user password is reset if not specified. |
CWE-20
Improper Input Validation |
CVE-2012-1168 | cpe:2.3:o:redhat:enterprise_linux:6.0:* |
2024-11-21 10:36 2019-11-15 |
Show | GitHub Exploit DB Packet Storm | ||||
| 764 |
7.5 5.0 |
HIGH
Network |
Moodle before 2.2.2 has users' private files included in course backups |
CWE-532
Inclusion of Sensitive Information in Log Files |
CVE-2012-1156 | cpe:2.3:o:redhat:enterprise_linux:6.0:* |
2024-11-21 10:36 2019-11-15 |
Show | GitHub Exploit DB Packet Storm | ||||
| 765 |
7.5 5.0 |
HIGH
Network |
Moodle has a database activity export permission issue where the export function of the database activity module exports all entries even those from groups the user does not belong to |
CWE-200
Information Exposure |
CVE-2012-1155 | cpe:2.3:o:redhat:enterprise_linux:6.0:* |
2024-11-21 10:36 2019-11-15 |
Show | GitHub Exploit DB Packet Storm | ||||
| 766 |
7.8 4.6 |
HIGH
Local |
The SQLDriverConnect() function in unixODBC before 2.2.14p2 have a possible buffer overflow condition when specifying a large value for SAVEFILE parameter in the connection string. |
CWE-120
Classic Buffer Overflow |
CVE-2011-1145 |
cpe:2.3:o:redhat:enterprise_linux:6.0:* cpe:2.3:o:redhat:enterprise_linux:5.0:* cpe:2.3:o:redhat:enterprise_linux… |
2024-11-21 10:25 2019-11-14 |
Show | GitHub Exploit DB Packet Storm | ||||
| 767 |
8.8 6.5 |
HIGH
Network |
In ConsoleKit before 0.4.2, an intended security policy restriction bypass was found. This flaw allows an authenticated system user to escalate their privileges by initiating a remote VNC session. |
CWE-269
Improper Privilege Management |
CVE-2010-4664 | cpe:2.3:o:redhat:enterprise_linux:6.0:* |
2024-11-21 10:21 2019-11-14 |
Show | GitHub Exploit DB Packet Storm | ||||
| 768 |
7.8 4.6 |
HIGH
Local |
udisks before 1.0.3 allows a local user to load arbitrary Linux kernel modules. |
CWE-434
Unrestricted Upload of File with Dangerous Type |
CVE-2010-4661 | cpe:2.3:o:redhat:enterprise_linux:6.0:* |
2024-11-21 10:21 2019-11-14 |
Show | GitHub Exploit DB Packet Storm | ||||
| 769 |
7.5 5.0 |
HIGH
Network |
PHP5 before 5.4.4 allows passing invalid utf-8 strings via the xmlTextWriterWriteAttribute, which are then misparsed by libxml2. This results in memory leak into the resulting output. |
CWE-772
Missing Release of Resource after Effective Lifetime |
CVE-2010-4657 |
cpe:2.3:o:redhat:enterprise_linux:6.0:* cpe:2.3:o:redhat:enterprise_linux:5.0:* |
2024-11-21 10:21 2019-11-14 |
Show | GitHub Exploit DB Packet Storm | ||||
| 770 |
9.8 7.5 |
CRITICAL
Network |
gdk-pixbuf through 2.31.1 has GIF loader buffer overflow when initializing decompression tables due to an input validation flaw |
CWE-20
Improper Input Validation |
CVE-2011-2897 |
cpe:2.3:o:redhat:enterprise_linux:5.0:* cpe:2.3:o:redhat:enterprise_linux:4.0:* |
2024-11-21 10:29 2019-11-12 |
Show | GitHub Exploit DB Packet Storm |