Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Red Hat Enterprise Linux Number Of NVD 1711 CRITICAL 141 HIGH 603 MEDIUM 814 LOW 152
URL https://www.redhat.com/technologies/linux-platforms/enterprise-linux
Explanation Full support is 5.5 years from release.
Maintenance support (security updates only) is for 3.5 years.
After that, extended support is available for a fee.
Tag
  • Linux
  • 商用ライセンス有り

Add Information URL
No Type Name URL
1 https://access.redhat.com/ja/articles/16476
2 https://access.redhat.com/support/policy/updates/errata
3 https://access.redhat.com/articles/3078
4 https://access.redhat.com/security
5 https://access.redhat.com/errata/#/?q=&p=1&sort=portal_publication_date%20desc&rows=10&portal_advisory_type=Security%20Advisory

List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support
Extended
for a fee
Critical High Medium Low
1071 Red Hat Enterprise Linux 10.2 10.2 May 19, 2026 May 20, 2025 8 24 16 3
1072 Red Hat Enterprise Linux 9 9.7 Nov. 11, 2025 May 17, 2022 10 140 183 18
1073 Red Hat Enterprise Linux 8 8.10 May 22, 2024 May 7, 2019 May 30, 2029 49 327 454 51
1074 Red Hat Enterprise Linux 7 7.9 Sept. 29, 2020 Dec. 11, 2013 Aug. 6, 2020 June 30, 2024 97 283 280 47
1075 Red Hat Enterprise Linux 6 6.10 June 19, 2018 Nov. 9, 2010 May 10, 2022 Nov. 30, 2020 June 30, 2024 77 176 212 56
1076 Red Hat Enterprise Linux 5 5.11 Sept. 16, 2014 March 15, 2007 March 31, 2017 Nov. 30, 2020 24 59 89 40
1077 Red Hat Enterprise Linux 4 4.5 Feb. 29, 2012 March 31, 2017 5 30 29 16
1078 Red Hat Enterprise Linux 3 3.0 0 33 44 17
1079 Red Hat Enterprise Linux 2 2.1 Update 7 April 28, 2005 0 32 37 6
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2
Level
Attach Vector
Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date
Show Affected Exploit
PoC
Search
1071 5.2
2.7
MEDIUM
Adjacent
A vulnerability was found in sssd. If a user was configured with no home directory set, sssd would return '/' (the root directory) instead of '' (the empty string / no home directory). This could imp… NVD-CWE-Other
CVE-2019-3811 cpe:2.3:o:redhat:enterprise_linux:7.0:* 2024-11-21 13:42
2019-01-16
Show GitHub Exploit DB Packet Storm
1072 4.7
1.9
MEDIUM
Local
It was discovered systemd does not correctly check the content of PIDFile files before using it to kill processes. When a service is run from an unprivileged user (e.g. User field set in the service … CWE-269
 Improper Privilege Management
CVE-2018-16888 cpe:2.3:o:redhat:enterprise_linux:7.0:* 2024-11-21 12:53
2019-01-15
Show GitHub Exploit DB Packet Storm
1073 3.3
2.1
LOW
Local
An out of bounds read was discovered in systemd-journald in the way it parses log messages that terminate with a colon ':'. A local attacker can use this flaw to disclose process memory data. Version… - CVE-2018-16866 cpe:2.3:o:redhat:enterprise_linux:7.6:* 2024-11-21 12:53
2019-01-12
Show GitHub Exploit DB Packet Storm
1074 5.3
2.6
MEDIUM
Network
In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the tar… CWE-863
 Incorrect Authorization
CVE-2018-20685 cpe:2.3:o:redhat:enterprise_linux:8.0:*
cpe:2.3:o:redhat:enterprise_linux:7.0:*
2024-11-21 13:01
2019-01-11
Show GitHub Exploit DB Packet Storm
1075 6.5
4.3
MEDIUM
Network
In Poppler 0.72.0, PDFDoc::setup in PDFDoc.cc allows attackers to cause a denial-of-service (application crash caused by Object.h SIGABRT, because of a wrong return value from PDFDoc::setup) by craft… CWE-20
 Improper Input Validation 
CVE-2018-20662 cpe:2.3:o:redhat:enterprise_linux:8.0:* 2024-11-21 13:01
2019-01-3
Show GitHub Exploit DB Packet Storm
1076 6.5
4.3
MEDIUM
Network
A reachable Object::dictLookup assertion in Poppler 0.72.0 allows attackers to cause a denial of service due to the lack of a check for the dict data type, as demonstrated by use of the FileSpec clas… CWE-20
 Improper Input Validation 
CVE-2018-20650 cpe:2.3:o:redhat:enterprise_linux:8.0:* 2024-11-21 13:01
2019-01-2
Show GitHub Exploit DB Packet Storm
1077 8.0
6.7
HIGH
Adjacent
A flaw was found in the Linux kernel's NFS41+ subsystem. NFS41+ shares mounted in different network namespaces at the same time can make bc_svc_process() use wrong back-channel IDs and cause a use-af… - CVE-2018-16884 cpe:2.3:o:redhat:enterprise_linux:7.0:* 2024-11-21 12:53
2018-12-19
Show GitHub Exploit DB Packet Storm
1078 9.8
7.5
CRITICAL
Network
Perl before 5.26.3 has a buffer overflow via a crafted regular expression that triggers invalid write operations. CWE-119
Incorrect Access of Indexable Resource ('Range Error') 
CVE-2018-18314 cpe:2.3:o:redhat:enterprise_linux:7.6:*
cpe:2.3:o:redhat:enterprise_linux:7.5:*
cpe:2.3:o:redhat:enterprise_linux…
2024-11-21 12:55
2018-12-8
Show GitHub Exploit DB Packet Storm
1079 9.1
6.4
CRITICAL
Network
Perl before 5.26.3 has a buffer over-read via a crafted regular expression that triggers disclosure of sensitive information from process memory. CWE-125
Out-of-bounds Read
CVE-2018-18313 cpe:2.3:o:redhat:enterprise_linux:7.6:*
cpe:2.3:o:redhat:enterprise_linux:7.5:*
cpe:2.3:o:redhat:enterprise_linux…
2024-11-21 12:55
2018-12-8
Show GitHub Exploit DB Packet Storm
1080 9.8
7.5
CRITICAL
Network
Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations. CWE-787
CWE-190
 Out-of-bounds Write
 Integer Overflow or Wraparound
CVE-2018-18311 cpe:2.3:o:redhat:enterprise_linux:7.6:*
cpe:2.3:o:redhat:enterprise_linux:7.5:*
cpe:2.3:o:redhat:enterprise_linux…
2024-11-21 12:55
2018-12-8
Show GitHub Exploit DB Packet Storm