Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Ubuntu Number Of NVD 4093 CRITICAL 341 HIGH 1595 MEDIUM 1941 LOW 216
URL https://ubuntu.com/
Explanation A release without LTS is a normal release and provides support for 9 months after it is released.
LTS (Long Term Support) provides support for five years.
After the end of LTS, we also offer a service that provides extended support (about 5 years) for a fee.
Tag
  • Linux
Add Information URL
No Type Name URL
1 https://ubuntu.com/about/release-cycle
2 https://wiki.ubuntu.com/
3 https://wiki.ubuntu.com/Releases
4 https://ubuntu.com/licensing
5 https://ubuntu.com/security/notices
List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support		 Extended
for a fee		 Critical High Medium Low
1131 Ubuntu 24 24.04.3 Aug. 7, 2025 April 25, 2024 0 0 1 0
1132 Ubuntu 23.04 23.04 April 24, 2023 April 24, 2023 April 30, 2024 1 5 2 0
1133 Ubuntu 22.04 LTS 22.04.5 Sept. 12, 2024 April 21, 2022 April 30, 2027 April 30, 2032 1 25 11 0
1134 Ubuntu 21.10 21.10 Oct. 14, 2021 Oct. 14, 2021 June 14, 2022 June 14, 2022 1 18 19 0
1135 Ubuntu 21.04 21.04 April 22, 2021 April 22, 2021 Jan. 30, 2022 0 12 11 0
1136 Ubuntu 20.10 20.10 Oct. 22, 2020 Oct. 22, 2020 July 30, 2021 0 5 13 1
1137 Ubuntu 20.04 LTS 20.04.6 March 23, 2023 April 23, 2020 April 30, 2025 April 30, 2030 21 144 239 32
1138 Ubuntu 19.10 Oct. 17, 2019 July 30, 2020 32 133 227 44
1139 Ubuntu 19.04 April 18, 2019 Jan. 30, 2020 45 126 184 23
1140 Ubuntu 18.10 Oct. 18, 2018 July 31, 2019 66 174 182 5
1141 Ubuntu 18.04 LTS 18.04.6 Sept. 17, 2021 April 26, 2018 April 30, 2023 April 30, 2028 202 645 891 80
1142 Ubuntu 17.10 Oct. 18, 2017 July 19, 2018 4 18 14 0
1143 Ubuntu 17.04 April 13, 2017 July 20, 2017 4 18 14 0
1144 Ubuntu 16.10 Oct. 13, 2016 July 28, 2016 6 24 8 0
1145 Ubuntu 16.04 LTS 16.04.7 Aug. 13, 2020 April 21, 2016 April 30, 2021 April 30, 2024 239 852 1060 83
1146 Ubuntu 15.10 Oct. 22, 2015 Feb. 4, 2016 20 148 162 24
1147 Ubuntu 15.04 April 23, 2015 July 23, 2015 5 100 130 29
1148 Ubuntu 14.10 Oct. 23, 2014 July 14, 2014 0 3 1 0
1149 Ubuntu 14.04 LTS 14.04.6 March 7, 2019 April 17, 2014 April 30, 2019 April 30, 2022 216 844 1015 82
1150 Ubuntu 13.10 Oct. 17, 2013 July 14, 2014 15 56 68 15
1151 Ubuntu 13.04 April 25, 2013 Jan. 27, 2014 6 16 60 9
1152 Ubuntu 12.04 LTS April 26, 2012 April 28, 2017 April 30, 2019 90 577 669 83
1153 Ubuntu 11.10 Oct. 13, 2011 May 9, 2013 1 111 108 13
1154 Ubuntu 11.04 April 28, 2011 Oct. 28, 2012 1 56 56 8
1155 Ubuntu 10.10 Oct. 10, 2010 April 10, 2012 2 47 52 17
1156 Ubuntu 9.10 Oct. 29, 2009 April 30, 2011 5 56 56 16
1157 Ubuntu 9.04 April 23, 2009 Oct. 23, 2010 3 46 57 8
1158 Ubuntu 8.10 Oct. 30, 2008 April 30, 2010 2 49 47 6
1159 Ubuntu 8.04 LTS 8.04.4 Jan. 28, 2010 April 24, 2008 May 9, 2013 7 99 119 18
1160 Ubuntu 7.10 Oct. 18, 2007 April 18, 2009 3 48 37 5
1161 Ubuntu 7.04 April 19, 2007 Oct. 19, 2008 4 46 28 4
1162 Ubuntu 6.10 Oct. 26, 2006 April 26, 2008 2 33 32 4
1163 Ubuntu 5.10 Oct. 13, 2005 April 13, 2007 0 22 19 1
1164 Ubuntu 5.04 April 8, 2005 Oct. 31, 2006 0 14 13 2
1165 Ubuntu 4.10 Oct. 20, 2004 April 30, 2006 1 13 8 2
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2		 Level
Attach Vector		 Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date		 Show Affected Exploit
PoC
Search
1131 7.5
5.0 		HIGH
Network 		In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the SRVLOC dissector could crash. This was addressed in epan/dissectors/packet-srvloc.c by preventing a heap-based buffer under-read. CWE-125
Out-of-bounds Read 		CVE-2019-10899 cpe:2.3:o:canonical:ubuntu_linux:18.10:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 13:20
2019-04-9 		Show GitHub Exploit DB Packet Storm
1132 7.5
5.0 		HIGH
Network 		In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the DOF dissector could crash. This was addressed in epan/dissectors/packet-dof.c by properly handling generated IID and OID bytes. CWE-787
 Out-of-bounds Write 		CVE-2019-10896 cpe:2.3:o:canonical:ubuntu_linux:18.10:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 13:20
2019-04-9 		Show GitHub Exploit DB Packet Storm
1133 7.5
5.0 		HIGH
Network 		In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the NetScaler file parser could crash. This was addressed in wiretap/netscaler.c by improving data validation. CWE-125
Out-of-bounds Read 		CVE-2019-10895 cpe:2.3:o:canonical:ubuntu_linux:18.10:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 13:20
2019-04-9 		Show GitHub Exploit DB Packet Storm
1134 7.5
5.0 		HIGH
Network 		In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the GSS-API dissector could crash. This was addressed in epan/dissectors/packet-gssapi.c by ensuring that a valid dissector is called. CWE-617
 Reachable Assertion 		CVE-2019-10894 cpe:2.3:o:canonical:ubuntu_linux:18.10:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 13:20
2019-04-9 		Show GitHub Exploit DB Packet Storm
1135 5.1
1.9 		MEDIUM
Local 		A security feature bypass exists in Azure SSH Keypairs, due to a change in the provisioning logic for some Linux images that use cloud-init, aka 'Azure SSH Keypairs Security Feature Bypass Vulnerabil… CWE-706
 Use of Incorrectly-Resolved Name or Reference 		CVE-2019-0816 cpe:2.3:o:canonical:ubuntu_linux:18.04:* 2024-11-21 13:17
2019-04-9 		Show GitHub Exploit DB Packet Storm
1136 7.8
7.2 		HIGH
Local 		In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scrip… CWE-416
 Use After Free 		CVE-2019-0211 cpe:2.3:o:canonical:ubuntu_linux:18.10:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 13:16
2019-04-9 		Show GitHub Exploit DB Packet Storm
1137 7.5
6.0 		HIGH
Network 		In Apache HTTP Server 2.4 release 2.4.38 and prior, a race condition in mod_auth_digest when running in a threaded server could allow a user with valid credentials to authenticate using another usern… CWE-362
Race Condition 		CVE-2019-0217 cpe:2.3:o:canonical:ubuntu_linux:18.10:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 13:16
2019-04-9 		Show GitHub Exploit DB Packet Storm
1138 8.8
6.8 		HIGH
Network 		In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer overflow in the function WriteXWDImage of coders/xwd.c, which allows remote attackers to cause a denial of service (applicatio… CWE-787
 Out-of-bounds Write 		CVE-2019-11008 cpe:2.3:o:canonical:ubuntu_linux:18.04:* 2024-11-21 13:20
2019-04-9 		Show GitHub Exploit DB Packet Storm
1139 8.1
5.8 		HIGH
Network 		In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer over-read in the ReadMNGImage function of coders/png.c, which allows attackers to cause a denial of service or information dis… CWE-125
Out-of-bounds Read 		CVE-2019-11007 cpe:2.3:o:canonical:ubuntu_linux:18.04:* 2024-11-21 13:20
2019-04-9 		Show GitHub Exploit DB Packet Storm
1140 8.6
5.0 		HIGH
Network 		In Pallets Jinja before 2.10.1, str.format_map allows a sandbox escape. NVD-CWE-noinfo
CVE-2019-10906 cpe:2.3:o:canonical:ubuntu_linux:19.04:*
cpe:2.3:o:canonical:ubuntu_linux:18.10:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 13:20
2019-04-7 		Show GitHub Exploit DB Packet Storm