Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Red Hat Enterprise Linux Number Of NVD 1717 CRITICAL 141 HIGH 605 MEDIUM 817 LOW 153
URL https://www.redhat.com/technologies/linux-platforms/enterprise-linux
Explanation Full support is 5.5 years from release.
Maintenance support (security updates only) is for 3.5 years.
After that, extended support is available for a fee.
Tag
  • 商用ライセンス有り
  • Linux

Add Information URL
No Type Name URL
1 https://access.redhat.com/ja/articles/16476
2 https://access.redhat.com/support/policy/updates/errata
3 https://access.redhat.com/articles/3078
4 https://access.redhat.com/security
5 https://access.redhat.com/errata/#/?q=&p=1&sort=portal_publication_date%20desc&rows=10&portal_advisory_type=Security%20Advisory

List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support
Extended
for a fee
Critical High Medium Low
681 Red Hat Enterprise Linux 10.2 10.2 May 19, 2026 May 20, 2025 8 24 18 4
682 Red Hat Enterprise Linux 9 9.7 Nov. 11, 2025 May 17, 2022 10 142 186 19
683 Red Hat Enterprise Linux 8 8.10 May 22, 2024 May 7, 2019 May 30, 2029 49 328 457 52
684 Red Hat Enterprise Linux 7 7.9 Sept. 29, 2020 Dec. 11, 2013 Aug. 6, 2020 June 30, 2024 97 284 282 48
685 Red Hat Enterprise Linux 6 6.10 June 19, 2018 Nov. 9, 2010 May 10, 2022 Nov. 30, 2020 June 30, 2024 77 176 212 56
686 Red Hat Enterprise Linux 5 5.11 Sept. 16, 2014 March 15, 2007 March 31, 2017 Nov. 30, 2020 24 59 89 40
687 Red Hat Enterprise Linux 4 4.5 Feb. 29, 2012 March 31, 2017 5 30 29 16
688 Red Hat Enterprise Linux 3 3.0 0 33 44 17
689 Red Hat Enterprise Linux 2 2.1 Update 7 April 28, 2005 0 32 37 6
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2
Level
Attach Vector
Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date
Show Affected Exploit
PoC
Search
681 7.5
5.0
HIGH
Network
<p>A security feature bypass vulnerability exists in the way Microsoft ASP.NET Core parses encoded cookie names.</p> <p>The ASP.NET Core cookie parser decodes entire cookie strings which could allow … NVD-CWE-noinfo
CVE-2020-1045 cpe:2.3:o:redhat:enterprise_linux:8.0:* 2024-11-21 14:09
2020-09-12
Show GitHub Exploit DB Packet Storm
682 7.5
5.0
HIGH
Network
A flaw was found in the Linux kernel's implementation of some networking protocols in IPsec, such as VXLAN and GENEVE tunnels over IPv6. When an encrypted tunnel is created between two hosts, the ker… - CVE-2020-1749 cpe:2.3:o:redhat:enterprise_linux:7.0:* 2024-11-21 14:11
2020-09-10
Show GitHub Exploit DB Packet Storm
683 5.5
2.1
MEDIUM
Local
A use after free was found in igc_reloc_struct_ptr() of psi/igc.c of ghostscript-9.25. A local attacker could supply a specially crafted PDF file to cause a denial of service. CWE-416
 Use After Free
CVE-2020-14373 cpe:2.3:o:redhat:enterprise_linux:8.0:*
cpe:2.3:o:redhat:enterprise_linux:7.0:*
2024-11-21 14:03
2020-09-4
Show GitHub Exploit DB Packet Storm
684 5.0
4.4
MEDIUM
Local
An out-of-bounds read/write access flaw was found in the USB emulator of the QEMU in versions before 5.2.0. This issue occurs while processing USB packets from a guest when USBDevice 'setup_len' exce… CWE-125
CWE-787
Out-of-bounds Read
 Out-of-bounds Write
CVE-2020-14364 cpe:2.3:o:redhat:enterprise_linux:8.0:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*
cpe:2.3:o:redhat:enterprise_linux…
2024-11-21 14:03
2020-09-1
Show GitHub Exploit DB Packet Storm
685 7.8
7.2
HIGH
Local
A flaw null pointer dereference in the Linux kernel cgroupv2 subsystem in versions before 5.7.10 was found in the way when reboot the system. A local user could use this flaw to crash the system or e… CWE-476
 NULL Pointer Dereference
CVE-2020-14356 cpe:2.3:o:redhat:enterprise_linux:8.0:* 2024-11-21 14:03
2020-08-20
Show GitHub Exploit DB Packet Storm
686 7.5
5.0
HIGH
Network
Apache HTTP Server versions 2.4.20 to 2.4.43. A specially crafted value for the 'Cache-Digest' header in a HTTP/2 request would result in a crash when the server actually tries to HTTP/2 PUSH a resou… CWE-444
HTTP Request Smuggling
CVE-2020-9490 cpe:2.3:o:redhat:enterprise_linux:8.0:* 2024-11-21 14:40
2020-08-8
Show GitHub Exploit DB Packet Storm
687 6.0
3.6
MEDIUM
Local
There is an issue with grub2 before version 2.06 while handling symlink on ext filesystems. A filesystem containing a symbolic link with an inode size of UINT32_MAX causes an arithmetic overflow lead… - CVE-2020-14311 cpe:2.3:o:redhat:enterprise_linux:8.0:*
cpe:2.3:o:redhat:enterprise_linux:7.0:*
2024-11-21 14:02
2020-08-1
Show GitHub Exploit DB Packet Storm
688 6.0
3.6
MEDIUM
Local
There is an issue on grub2 before version 2.06 at function read_section_as_string(). It expects a font name to be at max UINT32_MAX - 1 length in bytes but it doesn't verify it before proceed with bu… CWE-190
 Integer Overflow or Wraparound
CVE-2020-14310 cpe:2.3:o:redhat:enterprise_linux:8.0:*
cpe:2.3:o:redhat:enterprise_linux:7.0:*
2024-11-21 14:02
2020-08-1
Show GitHub Exploit DB Packet Storm
689 6.4
4.4
MEDIUM
Local
Integer overflows were discovered in the functions grub_cmd_initrd and grub_initrd_init in the efilinux component of GRUB2, as shipped in Debian, Red Hat, and Ubuntu (the functionality is not include… CWE-362
CWE-190
Race Condition
 Integer Overflow or Wraparound
CVE-2020-15707 cpe:2.3:o:redhat:enterprise_linux:8.0:*
cpe:2.3:o:redhat:enterprise_linux:7.0:*
2024-11-21 14:06
2020-07-30
Show GitHub Exploit DB Packet Storm
690 6.4
4.4
MEDIUM
Local
GRUB2 contains a race condition in grub_script_function_create() leading to a use-after-free vulnerability which can be triggered by redefining a function whilst the same function is already executin… CWE-362
CWE-416
Race Condition
 Use After Free
CVE-2020-15706 cpe:2.3:o:redhat:enterprise_linux:8.0:*
cpe:2.3:o:redhat:enterprise_linux:7.0:*
2024-11-21 14:06
2020-07-30
Show GitHub Exploit DB Packet Storm