| Red Hat Enterprise Linux | Number Of NVD | 1701 | CRITICAL | 140 | HIGH | 597 | MEDIUM | 812 | LOW | 151 |
| URL | https://www.redhat.com/technologies/linux-platforms/enterprise-linux | ||||||||
|---|---|---|---|---|---|---|---|---|---|
| Explanation | Full support is 5.5 years from release. Maintenance support (security updates only) is for 3.5 years. After that, extended support is available for a fee. |
||||||||
| Tag | |||||||||
| No | Type | Name | URL |
|---|---|---|---|
| 1 | https://access.redhat.com/ja/articles/16476 | ||
| 2 | https://access.redhat.com/support/policy/updates/errata | ||
| 3 | https://access.redhat.com/articles/3078 | ||
| 4 | https://access.redhat.com/security | ||
| 5 | https://access.redhat.com/errata/#/?q=&p=1&sort=portal_publication_date%20desc&rows=10&portal_advisory_type=Security%20Advisory |
| No | Name | Latest Version | Release date | Initial release | Normal Support | Security Support Service Pack Support |
Extended for a fee |
Critical | High | Medium | Low |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 31 | Red Hat Enterprise Linux 9 | 9.7 | Nov. 11, 2025 | May 17, 2022 | 9 | 134 | 181 | 17 | |||
| 32 | Red Hat Enterprise Linux 8 | 8.10 | May 22, 2024 | May 7, 2019 | May 30, 2029 | 48 | 321 | 452 | 50 | ||
| 33 | Red Hat Enterprise Linux 7 | 7.9 | Sept. 29, 2020 | Dec. 11, 2013 | Aug. 6, 2020 | June 30, 2024 | 96 | 277 | 278 | 46 | |
| 34 | Red Hat Enterprise Linux 6 | 6.10 | June 19, 2018 | Nov. 9, 2010 | May 10, 2022 | Nov. 30, 2020 | June 30, 2024 | 76 | 170 | 210 | 55 |
| 35 | Red Hat Enterprise Linux 5 | 5.11 | Sept. 16, 2014 | March 15, 2007 | March 31, 2017 | Nov. 30, 2020 | 24 | 59 | 89 | 40 | |
| 36 | Red Hat Enterprise Linux 4 | 4.5 | Feb. 29, 2012 | March 31, 2017 | 5 | 30 | 29 | 16 | |||
| 37 | Red Hat Enterprise Linux 3 | 3.0 | 0 | 33 | 44 | 17 | |||||
| 38 | Red Hat Enterprise Linux 2 | 2.1 Update 7 | April 28, 2005 | 0 | 32 | 37 | 6 |
| No | CVSS3 CVSS2 |
Level Attach Vector |
Title | CWE | CVE | cpe23Uri | or higher | or less | more than | less than | Update date Published date |
Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 31 |
7.5 - |
HIGH
Network |
A flaw was found in Undertow. A remote attacker could exploit this vulnerability by sending an HTTP GET request containing multipart/form-data content. If the underlying application processes paramet… |
CWE-770
Allocation of Resources Without Limits or Throttling |
CVE-2026-3260 |
cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux… |
2026-04-9 04:11 2026-03-24 |
Show | GitHub Exploit DB Packet Storm | ||||
| 32 |
6.5 - |
MEDIUM
Network |
A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer overflow in GLib's GIO (GLib Input/Output) escape_byte_string() function when pro… |
CWE-190
Integer Overflow or Wraparound |
CVE-2025-14512 |
cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux… |
2026-04-20 05:16 2025-12-11 |
Show | GitHub Exploit DB Packet Storm | ||||
| 33 |
9.8 - |
CRITICAL
Network |
A flaw was found in GLib (Gnome Lib). This vulnerability allows a remote attacker to cause heap corruption, leading to a denial of service or potential code execution via a buffer-underflow in the GV… |
CWE-190
Integer Overflow or Wraparound |
CVE-2025-14087 |
cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux… |
2026-04-20 05:16 2025-12-10 |
Show | GitHub Exploit DB Packet Storm | ||||
| 34 |
7.5 - |
HIGH
Network |
A flaw was found in the libxslt library. The same memory field, psvi, is used for both stylesheet and input data, which can lead to type confusion during XML transformations. This vulnerability allow… |
CWE-843
Type Confusion |
CVE-2025-7424 |
cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux… |
2026-04-15 07:16 2025-07-10 |
Show | GitHub Exploit DB Packet Storm | ||||
| 35 |
8.2 - |
HIGH
Network |
A heap-buffer-overflow (off-by-one) flaw was found in the GnuTLS software in the template parsing logic within the certtool utility. When it reads certain settings from a template file, it allows an … |
CWE-122
Heap-based Buffer Overflow |
CVE-2025-32990 |
cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux… |
2026-04-21 07:16 2025-07-10 |
Show | GitHub Exploit DB Packet Storm | ||||
| 36 |
5.3 - |
MEDIUM
Network |
A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency (CT) Signed Certificate Timestamp (SCT) extension during X.509 certificate parsing. This flaw a… |
CWE-295
Improper Certificate Validation |
CVE-2025-32989 |
cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux… |
2026-04-21 07:16 2025-07-10 |
Show | GitHub Exploit DB Packet Storm | ||||
| 37 |
8.2 - |
HIGH
Network |
A flaw was found in GnuTLS. A double-free vulnerability exists in GnuTLS due to incorrect ownership handling in the export logic of Subject Alternative Name (SAN) entries containing an otherName. If … |
CWE-415
Double Free |
CVE-2025-32988 |
cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux… |
2026-04-21 07:16 2025-07-10 |
Show | GitHub Exploit DB Packet Storm | ||||
| 38 |
2.5 - |
LOW
Local |
A flaw was found in the interactive shell of the xmllint command-line tool, used for parsing XML files. When a user inputs an overly long command, the program does not check the input size properly, … |
CWE-121
Stack-based Buffer Overflow |
CVE-2025-6170 |
cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux… |
2026-04-20 05:16 2025-06-17 |
Show | GitHub Exploit DB Packet Storm | ||||
| 39 |
7.5 - |
HIGH
Network |
A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a de… |
CWE-787
Out-of-bounds Write |
CVE-2025-6021 |
cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux… |
2026-04-20 05:16 2025-06-12 |
Show | GitHub Exploit DB Packet Storm | ||||
| 40 |
7.8 - |
HIGH
Local |
A flaw was found in the HFS filesystem. When reading an HFS volume's name at grub_fs_mount(), the HFS filesystem driver performs a strcpy() using the user-provided volume name as input without proper… |
CWE-787 CWE-120 Out-of-bounds Write Classic Buffer Overflow |
CVE-2024-45782 |
cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux… |
2025-03-8 04:45 2025-03-4 |
Show | GitHub Exploit DB Packet Storm |