Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Ubuntu Number Of NVD 4093 CRITICAL 341 HIGH 1595 MEDIUM 1941 LOW 216
URL https://ubuntu.com/
Explanation A release without LTS is a normal release and provides support for 9 months after it is released.
LTS (Long Term Support) provides support for five years.
After the end of LTS, we also offer a service that provides extended support (about 5 years) for a fee.
Tag
  • Linux
Add Information URL
No Type Name URL
1 https://ubuntu.com/about/release-cycle
2 https://wiki.ubuntu.com/
3 https://wiki.ubuntu.com/Releases
4 https://ubuntu.com/licensing
5 https://ubuntu.com/security/notices
List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support		 Extended
for a fee		 Critical High Medium Low
1111 Ubuntu 24 24.04.3 Aug. 7, 2025 April 25, 2024 0 0 1 0
1112 Ubuntu 23.04 23.04 April 24, 2023 April 24, 2023 April 30, 2024 1 5 2 0
1113 Ubuntu 22.04 LTS 22.04.5 Sept. 12, 2024 April 21, 2022 April 30, 2027 April 30, 2032 1 25 11 0
1114 Ubuntu 21.10 21.10 Oct. 14, 2021 Oct. 14, 2021 June 14, 2022 June 14, 2022 1 18 19 0
1115 Ubuntu 21.04 21.04 April 22, 2021 April 22, 2021 Jan. 30, 2022 0 12 11 0
1116 Ubuntu 20.10 20.10 Oct. 22, 2020 Oct. 22, 2020 July 30, 2021 0 5 13 1
1117 Ubuntu 20.04 LTS 20.04.6 March 23, 2023 April 23, 2020 April 30, 2025 April 30, 2030 21 144 239 32
1118 Ubuntu 19.10 Oct. 17, 2019 July 30, 2020 32 133 227 44
1119 Ubuntu 19.04 April 18, 2019 Jan. 30, 2020 45 126 184 23
1120 Ubuntu 18.10 Oct. 18, 2018 July 31, 2019 66 174 182 5
1121 Ubuntu 18.04 LTS 18.04.6 Sept. 17, 2021 April 26, 2018 April 30, 2023 April 30, 2028 202 645 891 80
1122 Ubuntu 17.10 Oct. 18, 2017 July 19, 2018 4 18 14 0
1123 Ubuntu 17.04 April 13, 2017 July 20, 2017 4 18 14 0
1124 Ubuntu 16.10 Oct. 13, 2016 July 28, 2016 6 24 8 0
1125 Ubuntu 16.04 LTS 16.04.7 Aug. 13, 2020 April 21, 2016 April 30, 2021 April 30, 2024 239 852 1060 83
1126 Ubuntu 15.10 Oct. 22, 2015 Feb. 4, 2016 20 148 162 24
1127 Ubuntu 15.04 April 23, 2015 July 23, 2015 5 100 130 29
1128 Ubuntu 14.10 Oct. 23, 2014 July 14, 2014 0 3 1 0
1129 Ubuntu 14.04 LTS 14.04.6 March 7, 2019 April 17, 2014 April 30, 2019 April 30, 2022 216 844 1015 82
1130 Ubuntu 13.10 Oct. 17, 2013 July 14, 2014 15 56 68 15
1131 Ubuntu 13.04 April 25, 2013 Jan. 27, 2014 6 16 60 9
1132 Ubuntu 12.04 LTS April 26, 2012 April 28, 2017 April 30, 2019 90 577 669 83
1133 Ubuntu 11.10 Oct. 13, 2011 May 9, 2013 1 111 108 13
1134 Ubuntu 11.04 April 28, 2011 Oct. 28, 2012 1 56 56 8
1135 Ubuntu 10.10 Oct. 10, 2010 April 10, 2012 2 47 52 17
1136 Ubuntu 9.10 Oct. 29, 2009 April 30, 2011 5 56 56 16
1137 Ubuntu 9.04 April 23, 2009 Oct. 23, 2010 3 46 57 8
1138 Ubuntu 8.10 Oct. 30, 2008 April 30, 2010 2 49 47 6
1139 Ubuntu 8.04 LTS 8.04.4 Jan. 28, 2010 April 24, 2008 May 9, 2013 7 99 119 18
1140 Ubuntu 7.10 Oct. 18, 2007 April 18, 2009 3 48 37 5
1141 Ubuntu 7.04 April 19, 2007 Oct. 19, 2008 4 46 28 4
1142 Ubuntu 6.10 Oct. 26, 2006 April 26, 2008 2 33 32 4
1143 Ubuntu 5.10 Oct. 13, 2005 April 13, 2007 0 22 19 1
1144 Ubuntu 5.04 April 8, 2005 Oct. 31, 2006 0 14 13 2
1145 Ubuntu 4.10 Oct. 20, 2004 April 30, 2006 1 13 8 2
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2		 Level
Attach Vector		 Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date		 Show Affected Exploit
PoC
Search
1111 6.1
4.3 		MEDIUM
Network 		Persistent cross-site scripting (XSS) in http/cervlet.c in Tildeslash Monit before 5.25.3 allows a remote unauthenticated attacker to introduce arbitrary JavaScript via manipulation of an unsanitized… CWE-79
Cross-site Scripting 		CVE-2019-11454 cpe:2.3:o:canonical:ubuntu_linux:19.04:*
cpe:2.3:o:canonical:ubuntu_linux:18.10:* 		2024-11-21 13:21
2019-04-23 		Show GitHub Exploit DB Packet Storm
1112 5.3
5.0 		MEDIUM
Network 		All versions of unity-scope-gdrive logs search terms to syslog. CWE-532
 Inclusion of Sensitive Information in Log Files 		CVE-2015-1343 cpe:2.3:o:canonical:ubuntu_linux:15.10:* 2024-11-21 11:25
2019-04-23 		Show GitHub Exploit DB Packet Storm
1113 7.8
7.2 		HIGH
Local 		Any Python module in sys.path can be imported if the command line of the process triggering the coredump is Python and the first argument is -m in Apport before 2.19.2 function _python_module_path. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2015-1341 cpe:2.3:o:canonical:ubuntu_linux:15.10:*
cpe:2.3:o:canonical:ubuntu_linux:15.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 11:25
2019-04-23 		Show GitHub Exploit DB Packet Storm
1114 7.8
4.3 		HIGH
Local 		Content Hub before version 0.0+15.04.20150331-0ubuntu1.0 DBUS API only requires a file path for a content item, it doesn't actually require the confined app have access to the file to create a transf… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2015-1327 cpe:2.3:o:canonical:ubuntu_linux:15.04:* 2024-11-21 11:25
2019-04-23 		Show GitHub Exploit DB Packet Storm
1115 9.8
7.5 		CRITICAL
Network 		FreeRADIUS before 3.0.19 does not prevent use of reflection for authentication spoofing, aka a "Dragonblood" issue, a similar issue to CVE-2019-9497. CWE-287
Improper Authentication 		CVE-2019-11234 cpe:2.3:o:canonical:ubuntu_linux:19.04:*
cpe:2.3:o:canonical:ubuntu_linux:18.10:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 13:20
2019-04-22 		Show GitHub Exploit DB Packet Storm
1116 9.8
7.5 		CRITICAL
Network 		FreeRADIUS before 3.0.19 mishandles the "each participant verifies that the received scalar is within a range, and that the received group element is a valid point on the curve being used" protection… CWE-345
 Insufficient Verification of Data Authenticity 		CVE-2019-11235 cpe:2.3:o:canonical:ubuntu_linux:19.04:*
cpe:2.3:o:canonical:ubuntu_linux:18.10:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 13:20
2019-04-22 		Show GitHub Exploit DB Packet Storm
1117 8.8
6.8 		HIGH
Network 		libavcodec/hevcdec.c in FFmpeg 3.4 and 4.1.2 mishandles detection of duplicate first slices, which allows remote attackers to cause a denial of service (NULL pointer dereference and out-of-array acce… CWE-476
 NULL Pointer Dereference 		CVE-2019-11338 cpe:2.3:o:canonical:ubuntu_linux:20.04:*
cpe:2.3:o:canonical:ubuntu_linux:19.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 13:20
2019-04-19 		Show GitHub Exploit DB Packet Storm
1118 7.5
5.0 		HIGH
Network 		The urllib3 library before 1.24.2 for Python mishandles certain cases where the desired set of CA certificates is different from the OS store of CA certificates, which results in SSL connections succ… CWE-295
Improper Certificate Validation  		CVE-2019-11324 cpe:2.3:o:canonical:ubuntu_linux:19.04:*
cpe:2.3:o:canonical:ubuntu_linux:18.10:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 13:20
2019-04-19 		Show GitHub Exploit DB Packet Storm
1119 7.5
5.0 		HIGH
Network 		A use-after-free flaw was found in pacemaker up to and including version 2.0.1 which could result in certain sensitive information to be leaked via the system logs. CWE-416
 Use After Free 		CVE-2019-3885 cpe:2.3:o:canonical:ubuntu_linux:19.04:*
cpe:2.3:o:canonical:ubuntu_linux:18.10:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 13:42
2019-04-19 		Show GitHub Exploit DB Packet Storm
1120 5.5
2.1 		MEDIUM
Local 		A flaw was found in pacemaker up to and including version 2.0.1. An insufficient verification inflicted preference of uncontrolled processes can lead to DoS CWE-400
 Uncontrolled Resource Consumption 		CVE-2018-16878 cpe:2.3:o:canonical:ubuntu_linux:19.04:*
cpe:2.3:o:canonical:ubuntu_linux:18.10:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 12:53
2019-04-19 		Show GitHub Exploit DB Packet Storm