Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Red Hat Enterprise Linux Number Of NVD 1717 CRITICAL 141 HIGH 605 MEDIUM 817 LOW 153
URL https://www.redhat.com/technologies/linux-platforms/enterprise-linux
Explanation Full support is 5.5 years from release.
Maintenance support (security updates only) is for 3.5 years.
After that, extended support is available for a fee.
Tag
  • 商用ライセンス有り
  • Linux

Add Information URL
No Type Name URL
1 https://access.redhat.com/ja/articles/16476
2 https://access.redhat.com/support/policy/updates/errata
3 https://access.redhat.com/articles/3078
4 https://access.redhat.com/security
5 https://access.redhat.com/errata/#/?q=&p=1&sort=portal_publication_date%20desc&rows=10&portal_advisory_type=Security%20Advisory

List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support
Extended
for a fee
Critical High Medium Low
931 Red Hat Enterprise Linux 10.2 10.2 May 19, 2026 May 20, 2025 8 24 18 4
932 Red Hat Enterprise Linux 9 9.7 Nov. 11, 2025 May 17, 2022 10 142 186 19
933 Red Hat Enterprise Linux 8 8.10 May 22, 2024 May 7, 2019 May 30, 2029 49 328 457 52
934 Red Hat Enterprise Linux 7 7.9 Sept. 29, 2020 Dec. 11, 2013 Aug. 6, 2020 June 30, 2024 97 284 282 48
935 Red Hat Enterprise Linux 6 6.10 June 19, 2018 Nov. 9, 2010 May 10, 2022 Nov. 30, 2020 June 30, 2024 77 176 212 56
936 Red Hat Enterprise Linux 5 5.11 Sept. 16, 2014 March 15, 2007 March 31, 2017 Nov. 30, 2020 24 59 89 40
937 Red Hat Enterprise Linux 4 4.5 Feb. 29, 2012 March 31, 2017 5 30 29 16
938 Red Hat Enterprise Linux 3 3.0 0 33 44 17
939 Red Hat Enterprise Linux 2 2.1 Update 7 April 28, 2005 0 32 37 6
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2
Level
Attach Vector
Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date
Show Affected Exploit
PoC
Search
931 6.5
4.3
MEDIUM
Network
The JPXStream::init function in Poppler 0.78.0 and earlier doesn't check for negative values of stream length, leading to an Integer Overflow, thereby making it possible to allocate a large memory ch… CWE-190
 Integer Overflow or Wraparound
CVE-2019-9959 cpe:2.3:o:redhat:enterprise_linux:8.0:* 2024-11-21 13:52
2019-07-23
Show GitHub Exploit DB Packet Storm
932 9.8
7.5
CRITICAL
Network
Gnome Pango 1.42 and later is affected by: Buffer Overflow. The impact is: The heap based buffer overflow can be used to get code execution. The component is: function name: pango_log2vis_get_embeddi… CWE-787
 Out-of-bounds Write
CVE-2019-1010238 cpe:2.3:o:redhat:enterprise_linux:8.0:* 2024-11-21 13:18
2019-07-20
Show GitHub Exploit DB Packet Storm
933 7.8
7.2
HIGH
Local
In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a process that wants to create a ptrace relationship, which allows local users to obta… NVD-CWE-noinfo
CVE-2019-13272 cpe:2.3:o:redhat:enterprise_linux:8.0:*
cpe:2.3:o:redhat:enterprise_linux:7.0:*
2024-11-21 13:24
2019-07-17
Show GitHub Exploit DB Packet Storm
934 8.1
5.8
HIGH
Network
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in BlitNtoN in video/SDL_blit_N.c when called from SDL_SoftBlit in video/SDL_blit.c. CWE-125
Out-of-bounds Read
CVE-2019-13616 cpe:2.3:o:redhat:enterprise_linux:8.0:* 2024-11-21 13:25
2019-07-17
Show GitHub Exploit DB Packet Storm
935 8.8
6.8
HIGH
Network
An issue was discovered in Squid 4.0.23 through 4.7. When checking Basic Authentication with HttpHeader::getAuth, Squid uses a global buffer to store the decoded data. Squid does not check that the d… CWE-787
 Out-of-bounds Write
CVE-2019-12527 cpe:2.3:o:redhat:enterprise_linux:8.0:* 2024-11-21 13:23
2019-07-12
Show GitHub Exploit DB Packet Storm
936 7.2
6.5
HIGH
Network
A stack-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x before 3.2.13, 4.x before 4.0.14 and 5.x before 5.0.4. By corrupting a hyperloglog using the SETRA… CWE-787
 Out-of-bounds Write
CVE-2019-10193 cpe:2.3:o:redhat:enterprise_linux:8.0:* 2024-11-21 13:18
2019-07-12
Show GitHub Exploit DB Packet Storm
937 7.2
6.5
HIGH
Network
A heap-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x before 3.2.13, 4.x before 4.0.14 and 5.x before 5.0.4. By carefully corrupting a hyperloglog using … CWE-787
 Out-of-bounds Write
CVE-2019-10192 cpe:2.3:o:redhat:enterprise_linux:8.0:* 2024-11-21 13:18
2019-07-12
Show GitHub Exploit DB Packet Storm
938 7.8
2.1
HIGH
Local
libosinfo 1.5.0 allows local users to discover credentials by listing a process, because credentials are passed to osinfo-install-script via the command line. CWE-200
Information Exposure
CVE-2019-13313 cpe:2.3:o:redhat:enterprise_linux:8.0:* 2024-11-21 13:24
2019-07-5
Show GitHub Exploit DB Packet Storm
939 3.3
2.1
LOW
Local
Virt-install(1) utility used to provision new virtual machines has introduced an option '--unattended' to create VMs without user interaction. This option accepts guest VM password as command line ar… - CVE-2019-10183 cpe:2.3:o:redhat:enterprise_linux:8.0:* 2024-11-21 13:18
2019-07-3
Show GitHub Exploit DB Packet Storm
940 8.8
9.0
HIGH
Network
PostgreSQL versions 10.x before 10.9 and versions 11.x before 11.4 are vulnerable to a stack-based buffer overflow. Any authenticated user can overflow a stack-based buffer by changing the user's own… CWE-787
 Out-of-bounds Write
CVE-2019-10164 cpe:2.3:o:redhat:enterprise_linux:8.0:* 2024-11-21 13:18
2019-06-27
Show GitHub Exploit DB Packet Storm