Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Ubuntu Number Of NVD 4093 CRITICAL 341 HIGH 1595 MEDIUM 1941 LOW 216
URL https://ubuntu.com/
Explanation A release without LTS is a normal release and provides support for 9 months after it is released.
LTS (Long Term Support) provides support for five years.
After the end of LTS, we also offer a service that provides extended support (about 5 years) for a fee.
Tag
  • Linux
Add Information URL
No Type Name URL
1 https://ubuntu.com/about/release-cycle
2 https://wiki.ubuntu.com/
3 https://wiki.ubuntu.com/Releases
4 https://ubuntu.com/licensing
5 https://ubuntu.com/security/notices
List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support		 Extended
for a fee		 Critical High Medium Low
91 Ubuntu 24 24.04.3 Aug. 7, 2025 April 25, 2024 0 0 1 0
92 Ubuntu 23.04 23.04 April 24, 2023 April 24, 2023 April 30, 2024 1 5 2 0
93 Ubuntu 22.04 LTS 22.04.5 Sept. 12, 2024 April 21, 2022 April 30, 2027 April 30, 2032 1 25 11 0
94 Ubuntu 21.10 21.10 Oct. 14, 2021 Oct. 14, 2021 June 14, 2022 June 14, 2022 1 18 19 0
95 Ubuntu 21.04 21.04 April 22, 2021 April 22, 2021 Jan. 30, 2022 0 12 11 0
96 Ubuntu 20.10 20.10 Oct. 22, 2020 Oct. 22, 2020 July 30, 2021 0 5 13 1
97 Ubuntu 20.04 LTS 20.04.6 March 23, 2023 April 23, 2020 April 30, 2025 April 30, 2030 21 144 239 32
98 Ubuntu 19.10 Oct. 17, 2019 July 30, 2020 32 133 227 44
99 Ubuntu 19.04 April 18, 2019 Jan. 30, 2020 45 126 184 23
100 Ubuntu 18.10 Oct. 18, 2018 July 31, 2019 66 174 182 5
101 Ubuntu 18.04 LTS 18.04.6 Sept. 17, 2021 April 26, 2018 April 30, 2023 April 30, 2028 202 645 891 80
102 Ubuntu 17.10 Oct. 18, 2017 July 19, 2018 4 18 14 0
103 Ubuntu 17.04 April 13, 2017 July 20, 2017 4 18 14 0
104 Ubuntu 16.10 Oct. 13, 2016 July 28, 2016 6 24 8 0
105 Ubuntu 16.04 LTS 16.04.7 Aug. 13, 2020 April 21, 2016 April 30, 2021 April 30, 2024 239 852 1060 83
106 Ubuntu 15.10 Oct. 22, 2015 Feb. 4, 2016 20 148 162 24
107 Ubuntu 15.04 April 23, 2015 July 23, 2015 5 100 130 29
108 Ubuntu 14.10 Oct. 23, 2014 July 14, 2014 0 3 1 0
109 Ubuntu 14.04 LTS 14.04.6 March 7, 2019 April 17, 2014 April 30, 2019 April 30, 2022 216 844 1015 82
110 Ubuntu 13.10 Oct. 17, 2013 July 14, 2014 15 56 68 15
111 Ubuntu 13.04 April 25, 2013 Jan. 27, 2014 6 16 60 9
112 Ubuntu 12.04 LTS April 26, 2012 April 28, 2017 April 30, 2019 90 577 669 83
113 Ubuntu 11.10 Oct. 13, 2011 May 9, 2013 1 111 108 13
114 Ubuntu 11.04 April 28, 2011 Oct. 28, 2012 1 56 56 8
115 Ubuntu 10.10 Oct. 10, 2010 April 10, 2012 2 47 52 17
116 Ubuntu 9.10 Oct. 29, 2009 April 30, 2011 5 56 56 16
117 Ubuntu 9.04 April 23, 2009 Oct. 23, 2010 3 46 57 8
118 Ubuntu 8.10 Oct. 30, 2008 April 30, 2010 2 49 47 6
119 Ubuntu 8.04 LTS 8.04.4 Jan. 28, 2010 April 24, 2008 May 9, 2013 7 99 119 18
120 Ubuntu 7.10 Oct. 18, 2007 April 18, 2009 3 48 37 5
121 Ubuntu 7.04 April 19, 2007 Oct. 19, 2008 4 46 28 4
122 Ubuntu 6.10 Oct. 26, 2006 April 26, 2008 2 33 32 4
123 Ubuntu 5.10 Oct. 13, 2005 April 13, 2007 0 22 19 1
124 Ubuntu 5.04 April 8, 2005 Oct. 31, 2006 0 14 13 2
125 Ubuntu 4.10 Oct. 20, 2004 April 30, 2006 1 13 8 2
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2		 Level
Attach Vector		 Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date		 Show Affected Exploit
PoC
Search
91 5.5
4.3 		MEDIUM
Local 		GNOME gdk-pixbuf (aka GdkPixbuf) before 2.42.2 allows a denial of service (infinite loop) in lzw.c in the function write_indexes. if c->self_code equals 10, self->code_table[10].extends will assign t… CWE-835
 Loop with Unreachable Exit Condition ('Infinite Loop') 		CVE-2020-29385 cpe:2.3:o:canonical:ubuntu_linux:20.10:*
cpe:2.3:o:canonical:ubuntu_linux:20.04:* 		2024-11-21 14:23
2020-12-26 		Show GitHub Exploit DB Packet Storm
92 5.5
2.1 		MEDIUM
Local 		Aptdaemon performed policykit checks after interacting with potentially untrusted files with elevated privileges. This affected versions prior to 1.1.1+bzr982-0ubuntu34.1, 1.1.1+bzr982-0ubuntu32.3, 1… CWE-862
 Missing Authorization 		CVE-2020-27349 cpe:2.3:o:canonical:ubuntu_linux:20.10:*
cpe:2.3:o:canonical:ubuntu_linux:20.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 14:21
2020-12-9 		Show GitHub Exploit DB Packet Storm
93 3.8
2.1 		LOW
Local 		The aptdaemon DBus interface disclosed file existence disclosure by setting Terminal/DebconfSocket properties, aka GHSL-2020-192 and GHSL-2020-196. This affected versions prior to 1.1.1+bzr982-0ubunt… CWE-209
Information Exposure Through an Error Message 		CVE-2020-16128 cpe:2.3:o:canonical:ubuntu_linux:20.10:*
cpe:2.3:o:canonical:ubuntu_linux:20.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 14:06
2020-12-9 		Show GitHub Exploit DB Packet Storm
94 6.8
4.4 		MEDIUM
Local 		In some conditions, a snap package built by snapcraft includes the current directory in LD_LIBRARY_PATH, allowing a malicious snap to gain code execution within the context of another snap if both pl… CWE-427
 Uncontrolled Search Path Element 		CVE-2020-27348 cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:* 		2024-11-21 14:21
2020-12-4 		Show GitHub Exploit DB Packet Storm
95 4.7
2.1 		MEDIUM
Local 		An Ubuntu-specific patch in PulseAudio created a race condition where the snap policy module would fail to identify a client connection from a snap as coming from a snap if SCM_CREDENTIALS were missi… CWE-362
Race Condition 		CVE-2020-16123 cpe:2.3:o:canonical:ubuntu_linux:20.10:*
cpe:2.3:o:canonical:ubuntu_linux:20.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 14:06
2020-12-4 		Show GitHub Exploit DB Packet Storm
96 4.7
4.7 		MEDIUM
Local 		An issue was discovered in do_madvise in mm/madvise.c in the Linux kernel before 5.6.8. There is a race condition between coredump operations and the IORING_OP_MADVISE implementation, aka CID-bc0c4d1… CWE-362
Race Condition 		CVE-2020-29372 cpe:2.3:o:canonical:ubuntu_linux:20.04:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 14:23
2020-11-28 		Show GitHub Exploit DB Packet Storm
97 5.7
2.7 		MEDIUM
Adjacent 		Out of bounds write in Intel(R) PROSet/Wireless WiFi products on Windows 10 may allow an authenticated user to potentially enable denial of service via local access. CWE-787
 Out-of-bounds Write 		CVE-2020-0569 cpe:2.3:o:canonical:ubuntu_linux:19.10:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 13:53
2020-11-24 		Show GitHub Exploit DB Packet Storm
98 7.8
2.1 		HIGH
Local 		PackageKit's apt backend mistakenly treated all local debs as trusted. The apt security model is based on repository trust and not on the contents of individual files. On sites with configured Policy… CWE-345
 Insufficient Verification of Data Authenticity 		CVE-2020-16122 cpe:2.3:o:canonical:ubuntu_linux:20.04:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 14:06
2020-11-7 		Show GitHub Exploit DB Packet Storm
99 3.3
2.1 		LOW
Local 		PackageKit provided detailed error messages to unprivileged callers that exposed information about file presence and mimetype of files that the user would be unable to determine on its own. CWE-209
Information Exposure Through an Error Message 		CVE-2020-16121 cpe:2.3:o:canonical:ubuntu_linux:20.04:* 2024-11-21 14:06
2020-11-7 		Show GitHub Exploit DB Packet Storm
100 7.8
4.6 		HIGH
Local 		Ubuntu's packaging of libvirt in 20.04 LTS created a control socket with world read and write permissions. An attacker could use this to overwrite arbitrary files or execute arbitrary code. CWE-732
 Incorrect Permission Assignment for Critical Resource 		CVE-2020-15708 cpe:2.3:o:canonical:ubuntu_linux:20.04:* 2024-11-21 14:06
2020-11-6 		Show GitHub Exploit DB Packet Storm