Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Red Hat Enterprise Linux Number Of NVD 1711 CRITICAL 141 HIGH 603 MEDIUM 814 LOW 152
URL https://www.redhat.com/technologies/linux-platforms/enterprise-linux
Explanation Full support is 5.5 years from release.
Maintenance support (security updates only) is for 3.5 years.
After that, extended support is available for a fee.
Tag
  • Linux
  • 商用ライセンス有り

Add Information URL
No Type Name URL
1 https://access.redhat.com/ja/articles/16476
2 https://access.redhat.com/support/policy/updates/errata
3 https://access.redhat.com/articles/3078
4 https://access.redhat.com/security
5 https://access.redhat.com/errata/#/?q=&p=1&sort=portal_publication_date%20desc&rows=10&portal_advisory_type=Security%20Advisory

List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support
Extended
for a fee
Critical High Medium Low
1111 Red Hat Enterprise Linux 10.2 10.2 May 19, 2026 May 20, 2025 8 24 16 3
1112 Red Hat Enterprise Linux 9 9.7 Nov. 11, 2025 May 17, 2022 10 140 183 18
1113 Red Hat Enterprise Linux 8 8.10 May 22, 2024 May 7, 2019 May 30, 2029 49 327 454 51
1114 Red Hat Enterprise Linux 7 7.9 Sept. 29, 2020 Dec. 11, 2013 Aug. 6, 2020 June 30, 2024 97 283 280 47
1115 Red Hat Enterprise Linux 6 6.10 June 19, 2018 Nov. 9, 2010 May 10, 2022 Nov. 30, 2020 June 30, 2024 77 176 212 56
1116 Red Hat Enterprise Linux 5 5.11 Sept. 16, 2014 March 15, 2007 March 31, 2017 Nov. 30, 2020 24 59 89 40
1117 Red Hat Enterprise Linux 4 4.5 Feb. 29, 2012 March 31, 2017 5 30 29 16
1118 Red Hat Enterprise Linux 3 3.0 0 33 44 17
1119 Red Hat Enterprise Linux 2 2.1 Update 7 April 28, 2005 0 32 37 6
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2
Level
Attach Vector
Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date
Show Affected Exploit
PoC
Search
1111 8.8
6.5
HIGH
Network
A flaw was found in RPC request using gfs3_symlink_req in glusterfs server which allows symlink destinations to point to file paths outside of the gluster volume. An authenticated attacker could use … - CVE-2018-10928 cpe:2.3:o:redhat:enterprise_linux:7.0:*
cpe:2.3:o:redhat:enterprise_linux:6.0:*
2024-11-21 12:42
2018-09-5
Show GitHub Exploit DB Packet Storm
1112 8.8
6.5
HIGH
Network
A flaw was found in RPC request using gfs3_mknod_req supported by glusterfs server. An authenticated attacker could use this flaw to write files to an arbitrary location via path traversal and execut… - CVE-2018-10926 cpe:2.3:o:redhat:enterprise_linux:7.0:*
cpe:2.3:o:redhat:enterprise_linux:6.0:*
2024-11-21 12:42
2018-09-5
Show GitHub Exploit DB Packet Storm
1113 8.1
6.8
HIGH
Network
A weakness was found in postgresql-jdbc before version 42.2.5. It was possible to provide an SSL Factory and not check the host name if a host name verifier was not provided to the driver. This could… CWE-297
 Improper Validation of Certificate with Host Mismatch
CVE-2018-10936 cpe:2.3:o:redhat:enterprise_linux:7.0:*
cpe:2.3:o:redhat:enterprise_linux:6.0:*
2024-11-21 12:42
2018-08-30
Show GitHub Exploit DB Packet Storm
1114 7.5
5.0
HIGH
Network
A null-pointer dereference vulnerability was found in libtirpc before version 0.3.3-rc3. The return value of makefd_xprt() was not checked in all instances, which could lead to a crash when the serve… CWE-252
 Unchecked Return Value
CVE-2018-14622 cpe:2.3:o:redhat:enterprise_linux:7.0:* 2024-11-21 12:49
2018-08-30
Show GitHub Exploit DB Packet Storm
1115 9.8
10.0
CRITICAL
Network
mod_perl 2.0 through 2.0.10 allows attackers to execute arbitrary Perl code by placing it in a user-owned .htaccess file, because (contrary to the documentation) there is no configuration option that… CWE-94
Code Injection
CVE-2011-2767 cpe:2.3:o:redhat:enterprise_linux:7.6:*
cpe:2.3:o:redhat:enterprise_linux:7.5:*
cpe:2.3:o:redhat:enterprise_linux…
2024-11-21 10:28
2018-08-27
Show GitHub Exploit DB Packet Storm
1116 5.5
2.1
MEDIUM
Local
libvirt before 2.2 includes Ceph credentials on the qemu command line when using RADOS Block Device (aka RBD), which allows local users to obtain sensitive information via a process listing. CWE-200
Information Exposure
CVE-2015-5160 cpe:2.3:o:redhat:enterprise_linux:6.0:*
cpe:2.3:o:redhat:enterprise_linux:5:*
2024-11-21 11:32
2018-08-21
Show GitHub Exploit DB Packet Storm
1117 5.5
4.9
MEDIUM
Local
A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bounds write in jbd2_journal_dirty_metadata(), a denial of service, and a system crash by mounting and operati… - CVE-2018-10883 cpe:2.3:o:redhat:enterprise_linux:7.0:* 2024-11-21 12:42
2018-07-31
Show GitHub Exploit DB Packet Storm
1118 7.8
4.6
HIGH
Local
A flaw was found in the Linux kernel before version 4.12 in the way the KVM module processed the trap flag(TF) bit in EFLAGS during emulation of the syscall instruction, which leads to a debug except… CWE-755
 Improper Handling of Exceptional Conditions
CVE-2017-7518 cpe:2.3:o:redhat:enterprise_linux:7.0:* 2024-11-21 12:32
2018-07-31
Show GitHub Exploit DB Packet Storm
1119 9.8
7.5
CRITICAL
Network
A stack-based buffer overflow vulnerability was found in NBD server implementation in qemu before 2.11 allowing a client to request an export name of size up to 4096 bytes, which in fact should be li… CWE-787
 Out-of-bounds Write
CVE-2017-15118 cpe:2.3:o:redhat:enterprise_linux:7.0:* 2024-11-21 12:14
2018-07-28
Show GitHub Exploit DB Packet Storm
1120 5.5
4.9
MEDIUM
Local
A flaw was found in the Linux kernel's handling of clearing SELinux attributes on /proc/pid/attr files before 4.9.10. An empty (null) write to this file can crash the system by causing the system to … - CVE-2017-2618 cpe:2.3:o:redhat:enterprise_linux:7.0:* 2024-11-21 12:23
2018-07-28
Show GitHub Exploit DB Packet Storm