Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Red Hat Enterprise Linux Number Of NVD 1680 CRITICAL 135 HIGH 590 MEDIUM 803 LOW 151
URL https://www.redhat.com/technologies/linux-platforms/enterprise-linux
Explanation Full support is 5.5 years from release.
Maintenance support (security updates only) is for 3.5 years.
After that, extended support is available for a fee.
Tag
  • Linux
  • 商用ライセンス有り
Add Information URL
No Type Name URL
1 https://access.redhat.com/ja/articles/16476
2 https://access.redhat.com/support/policy/updates/errata
3 https://access.redhat.com/articles/3078
4 https://access.redhat.com/security
5 https://access.redhat.com/errata/#/?q=&p=1&sort=portal_publication_date%20desc&rows=10&portal_advisory_type=Security%20Advisory
List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support		 Extended
for a fee		 Critical High Medium Low
851 Red Hat Enterprise Linux 9 9.7 Nov. 11, 2025 May 17, 2022 4 127 172 17
852 Red Hat Enterprise Linux 8 8.10 May 22, 2024 May 7, 2019 May 30, 2029 43 314 444 50
853 Red Hat Enterprise Linux 7 7.9 Sept. 29, 2020 Dec. 11, 2013 Aug. 6, 2020 June 30, 2024 91 270 270 46
854 Red Hat Enterprise Linux 6 6.10 June 19, 2018 Nov. 9, 2010 May 10, 2022 Nov. 30, 2020 June 30, 2024 72 169 210 55
855 Red Hat Enterprise Linux 5 5.11 Sept. 16, 2014 March 15, 2007 March 31, 2017 Nov. 30, 2020 24 59 89 40
856 Red Hat Enterprise Linux 4 4.5 Feb. 29, 2012 March 31, 2017 5 30 29 16
857 Red Hat Enterprise Linux 3 3.0 0 33 44 17
858 Red Hat Enterprise Linux 2 2.1 Update 7 April 28, 2005 0 32 37 6
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2		 Level
Attach Vector		 Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date		 Show Affected Exploit
PoC
Search
851 7.5
7.8 		HIGH
Network 		Some HTTP/2 implementations are vulnerable to resource loops, potentially leading to a denial of service. The attacker creates multiple request streams and continually shuffles the priority of the st… NVD-CWE-Other
CVE-2019-9513 cpe:2.3:o:redhat:enterprise_linux:8.0:* 2024-11-21 13:51
2019-08-14 		Show GitHub Exploit DB Packet Storm
852 7.5
7.8 		HIGH
Network 		Some HTTP/2 implementations are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service. The attacker requests a large amount of data… CWE-770
 Allocation of Resources Without Limits or Throttling 		CVE-2019-9511 cpe:2.3:o:redhat:enterprise_linux:8.0:* 2024-11-21 13:51
2019-08-14 		Show GitHub Exploit DB Packet Storm
853 7.8
4.6 		HIGH
Local 		The virConnectBaselineHypervisorCPU() and virConnectCompareHypervisorCPU() libvirt APIs, 4.x.x before 4.10.1 and 5.x.x before 5.4.1, accept an "emulator" argument to specify the program providing emu… CWE-22
Path Traversal 		CVE-2019-10168 cpe:2.3:o:redhat:enterprise_linux:8.0:*
cpe:2.3:o:redhat:enterprise_linux:7.0:* 		2024-11-21 13:18
2019-08-2 		Show GitHub Exploit DB Packet Storm
854 7.8
4.6 		HIGH
Local 		The virConnectGetDomainCapabilities() libvirt API, versions 4.x.x before 4.10.1 and 5.x.x before 5.4.1, accepts an "emulatorbin" argument to specify the program providing emulation for a domain. Sinc… CWE-22
CWE-862
Path Traversal
 Missing Authorization 		CVE-2019-10167 cpe:2.3:o:redhat:enterprise_linux:8.0:*
cpe:2.3:o:redhat:enterprise_linux:7.0:* 		2024-11-21 13:18
2019-08-2 		Show GitHub Exploit DB Packet Storm
855 7.8
4.6 		HIGH
Local 		It was discovered that libvirtd, versions 4.x.x before 4.10.1 and 5.x.x before 5.4.1, would permit readonly clients to use the virDomainManagedSaveDefineXML() API, which would permit them to modify m… NVD-CWE-Other
CVE-2019-10166 cpe:2.3:o:redhat:enterprise_linux:8.0:*
cpe:2.3:o:redhat:enterprise_linux:7.0:* 		2024-11-21 13:18
2019-08-2 		Show GitHub Exploit DB Packet Storm
856 7.5
4.3 		HIGH
Network 		An issue was discovered in Poppler through 0.78.0. There is a divide-by-zero error in the function SplashOutputDev::tilingPatternFill at SplashOutputDev.cc. CWE-369
 Divide By Zero 		CVE-2019-14494 cpe:2.3:o:redhat:enterprise_linux:8.0:*
cpe:2.3:o:redhat:enterprise_linux:7.0:* 		2024-11-21 13:26
2019-08-2 		Show GitHub Exploit DB Packet Storm
857 8.1
5.8 		HIGH
Network 		It was discovered evolution-ews before 3.31.3 does not check the validity of SSL certificates. An attacker could abuse this flaw to get confidential information by tricking the user into connecting t… CWE-295
Improper Certificate Validation  		CVE-2019-3890 cpe:2.3:o:redhat:enterprise_linux:8.0:*
cpe:2.3:o:redhat:enterprise_linux:7.0:* 		2024-11-21 13:42
2019-08-1 		Show GitHub Exploit DB Packet Storm
858 5.0
4.0 		MEDIUM
Network 		A flaw was discovered in fence-agents, prior to version 4.3.4, where using non-ASCII characters in a guest VM's comment or other fields would cause fence_rhevm to exit with an exception. In cluster e… NVD-CWE-Other
CVE-2019-10153 cpe:2.3:o:redhat:enterprise_linux:8.0:* 2024-11-21 13:18
2019-07-31 		Show GitHub Exploit DB Packet Storm
859 7.8
7.2 		HIGH
Local 		It was discovered that libvirtd before versions 4.10.1 and 5.4.1 would permit read-only clients to use the virDomainSaveImageGetXMLDesc() API, specifying an arbitrary path which would be accessed wit… CWE-22
CWE-862
Path Traversal
 Missing Authorization 		CVE-2019-10161 cpe:2.3:o:redhat:enterprise_linux:8.0:*
cpe:2.3:o:redhat:enterprise_linux:7.0:*
cpe:2.3:o:redhat:enterprise_linux… 		2024-11-21 13:18
2019-07-31 		Show GitHub Exploit DB Packet Storm
860 7.5
5.0 		HIGH
Network 		A flaw was found in the Linux kernel's NFS implementation, all versions 3.x and all versions 4.x up to 4.20. An attacker, who is able to mount an exported NFS filesystem, is able to trigger a null po… - CVE-2018-16871 cpe:2.3:o:redhat:enterprise_linux:7.0:* 2024-11-21 12:53
2019-07-31 		Show GitHub Exploit DB Packet Storm