I don't think there is any software that can be qualified absolutely as "safe".
Also, your security concerns may be different depending on your local situation (e.g. a completely stand-alone, non-internet-connected network inside a secure building is very different security-wise from a world-wide Internet-accessible web server that is not protected by any external firewall).
The rule of thumb is: the less software there is, the less potential for bugs and security weaknesses. So don't install things you don't need.
Even so, there might be three major classes of software packages:
- regular tools and libraries for the local users, with no SUID/SGID components or network services: these can only do what the user with a shell access could do on his/her own, so they are the safest type. However, if subjected to malicious data, even these can be sometimes used for evil purposes.
- packages containing locally-accessible SUID/SGID binaries: these can allow users to do some things they otherwise couldn't, and may allow a malicious local user to get root access if they contain a bug. Think carefully before installing.
- Network-accessible services. Anyone that can access them over the network can also potentially attack them, so any extra services increase the number of ways your server can be attacked. Don't install if you don't have a clear idea how these will be used. You should also have a plan for configuring/restricting the services you install to suit your requirements. Most network services in RHEL are now disabled by default, and they must be configured or at least deliberately enabled. A notable exception is sshd: in RHEL 6, it is by default enabled and even allows root logins. If your server is not protected by any firewall to restrict SSH access, you should disallow direct root logins and seriously consider allowing SSH access with SSH key-based authentication only. Otherwise anyone on the Internet can try and brute-force your root password.