Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Ubuntu Number Of NVD 4093 CRITICAL 341 HIGH 1595 MEDIUM 1941 LOW 216
URL https://ubuntu.com/
Explanation A release without LTS is a normal release and provides support for 9 months after it is released.
LTS (Long Term Support) provides support for five years.
After the end of LTS, we also offer a service that provides extended support (about 5 years) for a fee.
Tag
  • Linux
Add Information URL
No Type Name URL
1 https://ubuntu.com/about/release-cycle
2 https://wiki.ubuntu.com/
3 https://wiki.ubuntu.com/Releases
4 https://ubuntu.com/licensing
5 https://ubuntu.com/security/notices
List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support		 Extended
for a fee		 Critical High Medium Low
101 Ubuntu 24 24.04.3 Aug. 7, 2025 April 25, 2024 0 0 1 0
102 Ubuntu 23.04 23.04 April 24, 2023 April 24, 2023 April 30, 2024 1 5 2 0
103 Ubuntu 22.04 LTS 22.04.5 Sept. 12, 2024 April 21, 2022 April 30, 2027 April 30, 2032 1 25 11 0
104 Ubuntu 21.10 21.10 Oct. 14, 2021 Oct. 14, 2021 June 14, 2022 June 14, 2022 1 18 19 0
105 Ubuntu 21.04 21.04 April 22, 2021 April 22, 2021 Jan. 30, 2022 0 12 11 0
106 Ubuntu 20.10 20.10 Oct. 22, 2020 Oct. 22, 2020 July 30, 2021 0 5 13 1
107 Ubuntu 20.04 LTS 20.04.6 March 23, 2023 April 23, 2020 April 30, 2025 April 30, 2030 21 144 239 32
108 Ubuntu 19.10 Oct. 17, 2019 July 30, 2020 32 133 227 44
109 Ubuntu 19.04 April 18, 2019 Jan. 30, 2020 45 126 184 23
110 Ubuntu 18.10 Oct. 18, 2018 July 31, 2019 66 174 182 5
111 Ubuntu 18.04 LTS 18.04.6 Sept. 17, 2021 April 26, 2018 April 30, 2023 April 30, 2028 202 645 891 80
112 Ubuntu 17.10 Oct. 18, 2017 July 19, 2018 4 18 14 0
113 Ubuntu 17.04 April 13, 2017 July 20, 2017 4 18 14 0
114 Ubuntu 16.10 Oct. 13, 2016 July 28, 2016 6 24 8 0
115 Ubuntu 16.04 LTS 16.04.7 Aug. 13, 2020 April 21, 2016 April 30, 2021 April 30, 2024 239 852 1060 83
116 Ubuntu 15.10 Oct. 22, 2015 Feb. 4, 2016 20 148 162 24
117 Ubuntu 15.04 April 23, 2015 July 23, 2015 5 100 130 29
118 Ubuntu 14.10 Oct. 23, 2014 July 14, 2014 0 3 1 0
119 Ubuntu 14.04 LTS 14.04.6 March 7, 2019 April 17, 2014 April 30, 2019 April 30, 2022 216 844 1015 82
120 Ubuntu 13.10 Oct. 17, 2013 July 14, 2014 15 56 68 15
121 Ubuntu 13.04 April 25, 2013 Jan. 27, 2014 6 16 60 9
122 Ubuntu 12.04 LTS April 26, 2012 April 28, 2017 April 30, 2019 90 577 669 83
123 Ubuntu 11.10 Oct. 13, 2011 May 9, 2013 1 111 108 13
124 Ubuntu 11.04 April 28, 2011 Oct. 28, 2012 1 56 56 8
125 Ubuntu 10.10 Oct. 10, 2010 April 10, 2012 2 47 52 17
126 Ubuntu 9.10 Oct. 29, 2009 April 30, 2011 5 56 56 16
127 Ubuntu 9.04 April 23, 2009 Oct. 23, 2010 3 46 57 8
128 Ubuntu 8.10 Oct. 30, 2008 April 30, 2010 2 49 47 6
129 Ubuntu 8.04 LTS 8.04.4 Jan. 28, 2010 April 24, 2008 May 9, 2013 7 99 119 18
130 Ubuntu 7.10 Oct. 18, 2007 April 18, 2009 3 48 37 5
131 Ubuntu 7.04 April 19, 2007 Oct. 19, 2008 4 46 28 4
132 Ubuntu 6.10 Oct. 26, 2006 April 26, 2008 2 33 32 4
133 Ubuntu 5.10 Oct. 13, 2005 April 13, 2007 0 22 19 1
134 Ubuntu 5.04 April 8, 2005 Oct. 31, 2006 0 14 13 2
135 Ubuntu 4.10 Oct. 20, 2004 April 30, 2006 1 13 8 2
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2		 Level
Attach Vector		 Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date		 Show Affected Exploit
PoC
Search
101 4.3
4.3 		MEDIUM
Network 		WordPress before 5.5.2 allows CSRF attacks that change a theme's background image. CWE-352
 Origin Validation Error 		CVE-2020-28040 cpe:2.3:o:canonical:ubuntu_linux:20.04:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 14:22
2020-11-3 		Show GitHub Exploit DB Packet Storm
102 9.1
6.4 		CRITICAL
Network 		is_protected_meta in wp-includes/meta.php in WordPress before 5.5.2 allows arbitrary file deletion because it does not properly determine whether a meta key is considered protected. NVD-CWE-noinfo
CVE-2020-28039 cpe:2.3:o:canonical:ubuntu_linux:20.04:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 14:22
2020-11-3 		Show GitHub Exploit DB Packet Storm
103 4.9
6.8 		MEDIUM
Network 		Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privi… NVD-CWE-noinfo
CVE-2020-14837 cpe:2.3:o:canonical:ubuntu_linux:20.04:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 14:04
2020-10-22 		Show GitHub Exploit DB Packet Storm
104 6.1
2.6 		MEDIUM
Network 		In containerd (an industry-standard container runtime) before version 1.2.14 there is a credential leaking vulnerability. If a container image manifest in the OCI Image format or Docker Image V2 Sche… CWE-522
 Insufficiently Protected Credentials 		CVE-2020-15157 cpe:2.3:o:canonical:ubuntu_linux:20.04:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 14:04
2020-10-17 		Show GitHub Exploit DB Packet Storm
105 7.5
5.0 		HIGH
Network 		A flaw was found in the Linux kernel in versions before 5.9-rc7. Traffic between two Geneve endpoints may be unencrypted when IPsec is configured to encrypt traffic for the specific UDP port used by … - CVE-2020-25645 cpe:2.3:o:canonical:ubuntu_linux:20.04:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 14:18
2020-10-14 		Show GitHub Exploit DB Packet Storm
106 6.6
6.5 		MEDIUM
Network 		Multiple buffer overflow vulnerabilities were found in the QUIC image decoding process of the SPICE remote display system, before spice-0.14.2-1. Both the SPICE client (spice-gtk) and server are affe… CWE-120
Classic Buffer Overflow 		CVE-2020-14355 cpe:2.3:o:canonical:ubuntu_linux:20.04:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 14:03
2020-10-8 		Show GitHub Exploit DB Packet Storm
107 5.5
4.9 		MEDIUM
Local 		A flaw was found in the Linux kernel's implementation of biovecs in versions before 5.9-rc7. A zero-length biovec request issued by the block subsystem could cause the kernel to enter an infinite loo… CWE-835
 Loop with Unreachable Exit Condition ('Infinite Loop') 		CVE-2020-25641 cpe:2.3:o:canonical:ubuntu_linux:20.04:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:* 		2024-11-21 14:18
2020-10-6 		Show GitHub Exploit DB Packet Storm
108 6.5
6.4 		MEDIUM
Network 		In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when AES-CCM mode is used with openssl_encrypt() function with 12 bytes IV, only first 7 bytes of the IV is actually use… CWE-326
Inadequate Encryption Strength 		CVE-2020-7069 cpe:2.3:o:canonical:ubuntu_linux:20.04:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 14:36
2020-10-3 		Show GitHub Exploit DB Packet Storm
109 5.3
5.0 		MEDIUM
Network 		In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when PHP is processing incoming HTTP cookie values, the cookie names are url-decoded. This may lead to cookies with pref… CWE-565
 Reliance on Cookies without Validation and Integrity Checking 		CVE-2020-7070 cpe:2.3:o:canonical:ubuntu_linux:20.04:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 14:36
2020-10-3 		Show GitHub Exploit DB Packet Storm
110 8.8
7.2 		HIGH
Local 		A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. A flawed bounds checking in the copy_data function leads to a buffer overflow allowing an attacker in a virtual machine to wri… - CVE-2020-14374 cpe:2.3:o:canonical:ubuntu_linux:20.04:* 2024-11-21 14:03
2020-10-1 		Show GitHub Exploit DB Packet Storm