Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Red Hat Enterprise Linux Number Of NVD 1711 CRITICAL 141 HIGH 603 MEDIUM 814 LOW 152
URL https://www.redhat.com/technologies/linux-platforms/enterprise-linux
Explanation Full support is 5.5 years from release.
Maintenance support (security updates only) is for 3.5 years.
After that, extended support is available for a fee.
Tag
  • Linux
  • 商用ライセンス有り

Add Information URL
No Type Name URL
1 https://access.redhat.com/ja/articles/16476
2 https://access.redhat.com/support/policy/updates/errata
3 https://access.redhat.com/articles/3078
4 https://access.redhat.com/security
5 https://access.redhat.com/errata/#/?q=&p=1&sort=portal_publication_date%20desc&rows=10&portal_advisory_type=Security%20Advisory

List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support
Extended
for a fee
Critical High Medium Low
1141 Red Hat Enterprise Linux 10.2 10.2 May 19, 2026 May 20, 2025 8 24 16 3
1142 Red Hat Enterprise Linux 9 9.7 Nov. 11, 2025 May 17, 2022 10 140 183 18
1143 Red Hat Enterprise Linux 8 8.10 May 22, 2024 May 7, 2019 May 30, 2029 49 327 454 51
1144 Red Hat Enterprise Linux 7 7.9 Sept. 29, 2020 Dec. 11, 2013 Aug. 6, 2020 June 30, 2024 97 283 280 47
1145 Red Hat Enterprise Linux 6 6.10 June 19, 2018 Nov. 9, 2010 May 10, 2022 Nov. 30, 2020 June 30, 2024 77 176 212 56
1146 Red Hat Enterprise Linux 5 5.11 Sept. 16, 2014 March 15, 2007 March 31, 2017 Nov. 30, 2020 24 59 89 40
1147 Red Hat Enterprise Linux 4 4.5 Feb. 29, 2012 March 31, 2017 5 30 29 16
1148 Red Hat Enterprise Linux 3 3.0 0 33 44 17
1149 Red Hat Enterprise Linux 2 2.1 Update 7 April 28, 2005 0 32 37 6
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2
Level
Attach Vector
Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date
Show Affected Exploit
PoC
Search
1141 5.9
7.1
MEDIUM
Network
389-ds-base before versions 1.4.0.10, 1.3.8.3 is vulnerable to a race condition in the way 389-ds-base handles persistent search, resulting in a crash if the server is under load. An anonymous attack… CWE-362
Race Condition
CVE-2018-10850 cpe:2.3:o:redhat:enterprise_linux:7.0:* 2024-11-21 12:42
2018-06-14
Show GitHub Exploit DB Packet Storm
1142 7.5
5.0
HIGH
Network
Using remote content in encrypted messages can lead to the disclosure of plaintext. This vulnerability affects Thunderbird ESR < 52.8 and Thunderbird < 52.8. CWE-326
Inadequate Encryption Strength
CVE-2018-5184 cpe:2.3:o:redhat:enterprise_linux:7.0:*
cpe:2.3:o:redhat:enterprise_linux:6.0:*
2024-11-21 13:08
2018-06-12
Show GitHub Exploit DB Packet Storm
1143 9.8
7.5
CRITICAL
Network
A use-after-free vulnerability can occur while editing events in form elements on a page, resulting in a potentially exploitable crash. This vulnerability affects Firefox ESR < 52.6 and Thunderbird <… CWE-416
 Use After Free
CVE-2018-5096 cpe:2.3:o:redhat:enterprise_linux:7.0:*
cpe:2.3:o:redhat:enterprise_linux:6.0:*
2024-11-21 13:08
2018-06-12
Show GitHub Exploit DB Packet Storm
1144 9.8
7.5
CRITICAL
Network
A use-after-free vulnerability can occur during WebRTC connections when interacting with the DTMF timers. This results in a potentially exploitable crash. This vulnerability affects Firefox ESR < 52.… CWE-416
 Use After Free
CVE-2018-5091 cpe:2.3:o:redhat:enterprise_linux:7.0:*
cpe:2.3:o:redhat:enterprise_linux:6.0:*
2024-11-21 13:08
2018-06-12
Show GitHub Exploit DB Packet Storm
1145 5.3
5.0
MEDIUM
Network
RSS fields can inject new lines into the created email structure, modifying the message body. This vulnerability affects Thunderbird < 52.5.2. CWE-74
Injection
CVE-2017-7848 cpe:2.3:o:redhat:enterprise_linux:7.0:*
cpe:2.3:o:redhat:enterprise_linux:6.0:*
2024-11-21 12:32
2018-06-12
Show GitHub Exploit DB Packet Storm
1146 9.8
7.5
CRITICAL
Network
A use-after-free vulnerability can occur in the Fetch API when the worker or the associated window are freed when still in use, resulting in a potentially exploitable crash. This vulnerability affect… CWE-416
 Use After Free
CVE-2017-7793 cpe:2.3:o:redhat:enterprise_linux:7.0:*
cpe:2.3:o:redhat:enterprise_linux:6.0:*
cpe:2.3:o:redhat:enterprise_linux…
2024-11-21 12:32
2018-06-12
Show GitHub Exploit DB Packet Storm
1147 9.8
7.5
CRITICAL
Network
A buffer overflow can occur when the image renderer attempts to paint non-displayable SVG elements. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.3, Fir… CWE-119
Incorrect Access of Indexable Resource ('Range Error') 
CVE-2017-7786 cpe:2.3:o:redhat:enterprise_linux:7.0:*
cpe:2.3:o:redhat:enterprise_linux:6.0:*
cpe:2.3:o:redhat:enterprise_linux…
2024-11-21 12:32
2018-06-12
Show GitHub Exploit DB Packet Storm
1148 9.8
7.5
CRITICAL
Network
A buffer overflow can occur when manipulating Accessible Rich Internet Applications (ARIA) attributes within the DOM. This results in a potentially exploitable crash. This vulnerability affects Thund… CWE-119
Incorrect Access of Indexable Resource ('Range Error') 
CVE-2017-7785 cpe:2.3:o:redhat:enterprise_linux:7.0:*
cpe:2.3:o:redhat:enterprise_linux:6.0:*
cpe:2.3:o:redhat:enterprise_linux…
2024-11-21 12:32
2018-06-12
Show GitHub Exploit DB Packet Storm
1149 7.5
5.0
HIGH
Network
An out-of-bounds read in WebGL with a maliciously crafted "ImageInfo" object during WebGL operations. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2. CWE-125
Out-of-bounds Read
CVE-2017-7754 cpe:2.3:o:redhat:enterprise_linux:7.0:*
cpe:2.3:o:redhat:enterprise_linux:6.0:*
2024-11-21 12:32
2018-06-12
Show GitHub Exploit DB Packet Storm
1150 9.1
6.4
CRITICAL
Network
An out-of-bounds read occurs when applying style rules to pseudo-elements, such as ::first-line, using cached style data. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefo… CWE-125
Out-of-bounds Read
CVE-2017-7753 cpe:2.3:o:redhat:enterprise_linux:7.0:*
cpe:2.3:o:redhat:enterprise_linux:6.0:*
2024-11-21 12:32
2018-06-12
Show GitHub Exploit DB Packet Storm