Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Red Hat Enterprise Linux Number Of NVD 1717 CRITICAL 141 HIGH 605 MEDIUM 817 LOW 153
URL https://www.redhat.com/technologies/linux-platforms/enterprise-linux
Explanation Full support is 5.5 years from release.
Maintenance support (security updates only) is for 3.5 years.
After that, extended support is available for a fee.
Tag
  • 商用ライセンス有り
  • Linux

Add Information URL
No Type Name URL
1 https://access.redhat.com/ja/articles/16476
2 https://access.redhat.com/support/policy/updates/errata
3 https://access.redhat.com/articles/3078
4 https://access.redhat.com/security
5 https://access.redhat.com/errata/#/?q=&p=1&sort=portal_publication_date%20desc&rows=10&portal_advisory_type=Security%20Advisory

List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support
Extended
for a fee
Critical High Medium Low
951 Red Hat Enterprise Linux 10.2 10.2 May 19, 2026 May 20, 2025 8 24 18 4
952 Red Hat Enterprise Linux 9 9.7 Nov. 11, 2025 May 17, 2022 10 142 186 19
953 Red Hat Enterprise Linux 8 8.10 May 22, 2024 May 7, 2019 May 30, 2029 49 328 457 52
954 Red Hat Enterprise Linux 7 7.9 Sept. 29, 2020 Dec. 11, 2013 Aug. 6, 2020 June 30, 2024 97 284 282 48
955 Red Hat Enterprise Linux 6 6.10 June 19, 2018 Nov. 9, 2010 May 10, 2022 Nov. 30, 2020 June 30, 2024 77 176 212 56
956 Red Hat Enterprise Linux 5 5.11 Sept. 16, 2014 March 15, 2007 March 31, 2017 Nov. 30, 2020 24 59 89 40
957 Red Hat Enterprise Linux 4 4.5 Feb. 29, 2012 March 31, 2017 5 30 29 16
958 Red Hat Enterprise Linux 3 3.0 0 33 44 17
959 Red Hat Enterprise Linux 2 2.1 Update 7 April 28, 2005 0 32 37 6
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2
Level
Attach Vector
Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date
Show Affected Exploit
PoC
Search
951 7.0
4.4
HIGH
Local
An integer underflow issue exists in ntfs-3g 2017.3.23. A local attacker could potentially exploit this by running /bin/ntfs-3g with specially crafted arguments from a specially crafted directory to … CWE-787
CWE-191
 Out-of-bounds Write
 Integer Underflow (Wrap or Wraparound)
CVE-2019-9755 cpe:2.3:o:redhat:enterprise_linux:8.0:* 2024-11-21 13:52
2019-06-6
Show GitHub Exploit DB Packet Storm
952 4.1
4.7
MEDIUM
Local
An issue was discovered in dlpar_parse_cc_property in arch/powerpc/platforms/pseries/dlpar.c in the Linux kernel through 5.1.6. There is an unchecked kstrdup of prop->name, which might allow an attac… CWE-476
 NULL Pointer Dereference
CVE-2019-12614 cpe:2.3:o:redhat:enterprise_linux:8.0:*
cpe:2.3:o:redhat:enterprise_linux:7.0:*
2024-11-21 13:23
2019-06-4
Show GitHub Exploit DB Packet Storm
953 9.8
7.5
CRITICAL
Network
The CalDAV feature in httpd in Cyrus IMAP 2.5.x through 2.5.12 and 3.0.x through 3.0.9 allows remote attackers to execute arbitrary code via a crafted HTTP PUT operation for an event with a long iCal… CWE-787
 Out-of-bounds Write
CVE-2019-11356 cpe:2.3:o:redhat:enterprise_linux:8.0:* 2024-11-21 13:20
2019-06-4
Show GitHub Exploit DB Packet Storm
954 8.8
8.3
HIGH
Adjacent
A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network. - CVE-2019-3846 cpe:2.3:o:redhat:enterprise_linux:8.0:*
cpe:2.3:o:redhat:enterprise_linux:7.0:*
cpe:2.3:o:redhat:enterprise_linux…
2024-11-21 13:42
2019-06-4
Show GitHub Exploit DB Packet Storm
955 9.8
7.5
CRITICAL
Network
file_copy_fallback in gio/gfile.c in GNOME GLib 2.15.0 through 2.61.1 does not properly restrict file permissions while a copy operation is in progress. Instead, default permissions are used. CWE-362
CWE-276
Race Condition
Incorrect Default Permissions 
CVE-2019-12450 cpe:2.3:o:redhat:enterprise_linux:8.0:* 2024-11-21 13:22
2019-05-30
Show GitHub Exploit DB Packet Storm
956 7.0
6.9
HIGH
Local
It was discovered freeradius up to and including version 3.0.19 does not correctly configure logrotate, allowing a local attacker who already has control of the radiusd user to escalate his privilege… - CVE-2019-10143 cpe:2.3:o:redhat:enterprise_linux:8.0:* 2024-11-21 13:18
2019-05-25
Show GitHub Exploit DB Packet Storm
957 6.5
4.3
MEDIUM
Network
Lack of correct bounds checking in Skia in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. CWE-125
Out-of-bounds Read
CVE-2019-5798 cpe:2.3:o:redhat:enterprise_linux:8.0:*
cpe:2.3:o:redhat:enterprise_linux:7.0:*
cpe:2.3:o:redhat:enterprise_linux…
2024-11-21 13:45
2019-05-24
Show GitHub Exploit DB Packet Storm
958 7.8
6.8
HIGH
Local
It was found that in ghostscript some privileged operators remained accessible from various places after the CVE-2019-6116 fix. A specially crafted PostScript file could use this flaw in order to, fo… NVD-CWE-noinfo
CVE-2019-3839 cpe:2.3:o:redhat:enterprise_linux:6.0:*
cpe:2.3:o:redhat:enterprise_linux:5.0:*
2024-11-21 13:42
2019-05-17
Show GitHub Exploit DB Packet Storm
959 7.5
5.0
HIGH
Network
A denial of service vulnerability exists when .NET Framework and .NET Core improperly process RegEx strings, aka '.NET Framework and .NET Core Denial of Service Vulnerability'. This CVE ID is unique … CWE-400
 Uncontrolled Resource Consumption
CVE-2019-0820 cpe:2.3:o:redhat:enterprise_linux:8.0:* 2024-11-21 13:17
2019-05-17
Show GitHub Exploit DB Packet Storm
960 5.5
2.1
MEDIUM
Local
fs/ext4/extents.c in the Linux kernel through 5.1.2 does not zero out the unused memory region in the extent tree block, which might allow local users to obtain sensitive information by reading unini… CWE-908
 Use of Uninitialized Resource
CVE-2019-11833 cpe:2.3:o:redhat:enterprise_linux:8.0:* 2024-11-21 13:21
2019-05-15
Show GitHub Exploit DB Packet Storm