| Red Hat Enterprise Linux | Number Of NVD | 1717 | CRITICAL | 141 | HIGH | 605 | MEDIUM | 817 | LOW | 153 |
| URL | https://www.redhat.com/technologies/linux-platforms/enterprise-linux | ||||||||
|---|---|---|---|---|---|---|---|---|---|
| Explanation | Full support is 5.5 years from release. Maintenance support (security updates only) is for 3.5 years. After that, extended support is available for a fee. |
||||||||
| Tag | |||||||||
| No | Type | Name | URL |
|---|---|---|---|
| 1 | https://access.redhat.com/ja/articles/16476 | ||
| 2 | https://access.redhat.com/support/policy/updates/errata | ||
| 3 | https://access.redhat.com/articles/3078 | ||
| 4 | https://access.redhat.com/security | ||
| 5 | https://access.redhat.com/errata/#/?q=&p=1&sort=portal_publication_date%20desc&rows=10&portal_advisory_type=Security%20Advisory |
| No | Name | Latest Version | Release date | Initial release | Normal Support | Security Support Service Pack Support |
Extended for a fee |
Critical | High | Medium | Low |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 781 | Red Hat Enterprise Linux 10.2 | 10.2 | May 19, 2026 | May 20, 2025 | 8 | 24 | 18 | 4 | |||
| 782 | Red Hat Enterprise Linux 9 | 9.7 | Nov. 11, 2025 | May 17, 2022 | 10 | 142 | 186 | 19 | |||
| 783 | Red Hat Enterprise Linux 8 | 8.10 | May 22, 2024 | May 7, 2019 | May 30, 2029 | 49 | 328 | 457 | 52 | ||
| 784 | Red Hat Enterprise Linux 7 | 7.9 | Sept. 29, 2020 | Dec. 11, 2013 | Aug. 6, 2020 | June 30, 2024 | 97 | 284 | 282 | 48 | |
| 785 | Red Hat Enterprise Linux 6 | 6.10 | June 19, 2018 | Nov. 9, 2010 | May 10, 2022 | Nov. 30, 2020 | June 30, 2024 | 77 | 176 | 212 | 56 |
| 786 | Red Hat Enterprise Linux 5 | 5.11 | Sept. 16, 2014 | March 15, 2007 | March 31, 2017 | Nov. 30, 2020 | 24 | 59 | 89 | 40 | |
| 787 | Red Hat Enterprise Linux 4 | 4.5 | Feb. 29, 2012 | March 31, 2017 | 5 | 30 | 29 | 16 | |||
| 788 | Red Hat Enterprise Linux 3 | 3.0 | 0 | 33 | 44 | 17 | |||||
| 789 | Red Hat Enterprise Linux 2 | 2.1 Update 7 | April 28, 2005 | 0 | 32 | 37 | 6 |
| No | CVSS3 CVSS2 |
Level Attach Vector |
Title | CWE | CVE | cpe23Uri | or higher | or less | more than | less than | Update date Published date |
Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 781 |
5.9 4.3 |
MEDIUM
Network |
The containers/image library used by the container tools Podman, Buildah, and Skopeo in Red Hat Enterprise Linux version 8 and CRI-O in OpenShift Container Platform, does not enforce TLS connections … |
CWE-522
Insufficiently Protected Credentials |
CVE-2019-10214 | cpe:2.3:o:redhat:enterprise_linux:8.0:* |
2024-11-21 13:18 2019-11-25 |
Show | GitHub Exploit DB Packet Storm | ||||
| 782 |
7.5 7.8 |
HIGH
Network |
PyXML: Hash table collisions CPU usage Denial of Service |
CWE-400
Uncontrolled Resource Consumption |
CVE-2012-0877 |
cpe:2.3:o:redhat:enterprise_linux:6.0:* cpe:2.3:o:redhat:enterprise_linux:5.0:* |
2024-11-21 10:35 2019-11-23 |
Show | GitHub Exploit DB Packet Storm | ||||
| 783 |
4.7 3.3 |
MEDIUM
Local |
libbluray MountManager class has a time-of-check time-of-use (TOCTOU) race when expanding JAR files |
CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition |
CVE-2015-7810 | cpe:2.3:o:redhat:enterprise_linux:7.0:* |
2024-11-21 11:37 2019-11-23 |
Show | GitHub Exploit DB Packet Storm | ||||
| 784 |
9.8 10.0 |
CRITICAL
Network |
redhat-upgrade-tool: Does not check GPG signatures when upgrading versions |
CWE-347
Improper Verification of Cryptographic Signature |
CVE-2014-3585 |
cpe:2.3:o:redhat:enterprise_linux:7.0:* cpe:2.3:o:redhat:enterprise_linux:6.0:* |
2024-11-21 11:08 2019-11-23 |
Show | GitHub Exploit DB Packet Storm | ||||
| 785 |
7.5 5.0 |
HIGH
Network |
MediaWiki before 1.19.4 and 1.20.x before 1.20.3 contains an error in the api.php script which allows remote attackers to obtain sensitive information. |
CWE-200
Information Exposure |
CVE-2013-1817 | cpe:2.3:o:redhat:enterprise_linux:6.0:* |
2024-11-21 10:50 2019-11-21 |
Show | GitHub Exploit DB Packet Storm | ||||
| 786 |
7.5 5.0 |
HIGH
Network |
MediaWiki before 1.19.4 and 1.20.x before 1.20.3 allows remote attackers to cause a denial of service (application crash) by sending a specially crafted request. |
CWE-20
Improper Input Validation |
CVE-2013-1816 | cpe:2.3:o:redhat:enterprise_linux:6.0:* |
2024-11-21 10:50 2019-11-21 |
Show | GitHub Exploit DB Packet Storm | ||||
| 787 |
5.5 4.9 |
MEDIUM
Local |
tuned 2.10.0 creates its PID file with insecure permissions which allows local users to kill arbitrary processes. |
CWE-276
Incorrect Default Permissions |
CVE-2012-6136 | cpe:2.3:o:redhat:enterprise_linux:6.0:* |
2024-11-21 10:45 2019-11-21 |
Show | GitHub Exploit DB Packet Storm | ||||
| 788 |
7.5 5.0 |
HIGH
Network |
tog-Pegasus has a package hash collision DoS vulnerability |
CWE-20
Improper Input Validation |
CVE-2011-4967 |
cpe:2.3:o:redhat:enterprise_linux:6.0:* cpe:2.3:o:redhat:enterprise_linux:5.0:* cpe:2.3:o:redhat:enterprise_linux… |
2024-11-21 10:33 2019-11-20 |
Show | GitHub Exploit DB Packet Storm | ||||
| 789 |
5.5 2.1 |
MEDIUM
Local |
Trusted Boot (tboot) before 1.8.2 has a 'loader.c' Security Bypass Vulnerability |
CWE-20
Improper Input Validation |
CVE-2014-5118 |
cpe:2.3:o:redhat:enterprise_linux:7.0:* cpe:2.3:o:redhat:enterprise_linux:6.0:* |
2024-11-21 11:11 2019-11-19 |
Show | GitHub Exploit DB Packet Storm | ||||
| 790 |
5.9 7.1 |
MEDIUM
Network |
A memory leak in the nfp_flower_spawn_vnic_reprs() function in drivers/net/ethernet/netronome/nfp/flower/main.c in the Linux kernel before 5.3.4 allows attackers to cause a denial of service (memory … |
CWE-401
Missing Release of Memory after Effective Lifetime |
CVE-2019-19081 |
cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux:7.0:* |
2024-11-21 13:34 2019-11-18 |
Show | GitHub Exploit DB Packet Storm |