Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Ubuntu Number Of NVD 4093 CRITICAL 341 HIGH 1595 MEDIUM 1941 LOW 216
URL https://ubuntu.com/
Explanation A release without LTS is a normal release and provides support for 9 months after it is released.
LTS (Long Term Support) provides support for five years.
After the end of LTS, we also offer a service that provides extended support (about 5 years) for a fee.
Tag
  • Linux
Add Information URL
No Type Name URL
1 https://ubuntu.com/about/release-cycle
2 https://wiki.ubuntu.com/
3 https://wiki.ubuntu.com/Releases
4 https://ubuntu.com/licensing
5 https://ubuntu.com/security/notices
List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support		 Extended
for a fee		 Critical High Medium Low
111 Ubuntu 24 24.04.3 Aug. 7, 2025 April 25, 2024 0 0 1 0
112 Ubuntu 23.04 23.04 April 24, 2023 April 24, 2023 April 30, 2024 1 5 2 0
113 Ubuntu 22.04 LTS 22.04.5 Sept. 12, 2024 April 21, 2022 April 30, 2027 April 30, 2032 1 25 11 0
114 Ubuntu 21.10 21.10 Oct. 14, 2021 Oct. 14, 2021 June 14, 2022 June 14, 2022 1 18 19 0
115 Ubuntu 21.04 21.04 April 22, 2021 April 22, 2021 Jan. 30, 2022 0 12 11 0
116 Ubuntu 20.10 20.10 Oct. 22, 2020 Oct. 22, 2020 July 30, 2021 0 5 13 1
117 Ubuntu 20.04 LTS 20.04.6 March 23, 2023 April 23, 2020 April 30, 2025 April 30, 2030 21 144 239 32
118 Ubuntu 19.10 Oct. 17, 2019 July 30, 2020 32 133 227 44
119 Ubuntu 19.04 April 18, 2019 Jan. 30, 2020 45 126 184 23
120 Ubuntu 18.10 Oct. 18, 2018 July 31, 2019 66 174 182 5
121 Ubuntu 18.04 LTS 18.04.6 Sept. 17, 2021 April 26, 2018 April 30, 2023 April 30, 2028 202 645 891 80
122 Ubuntu 17.10 Oct. 18, 2017 July 19, 2018 4 18 14 0
123 Ubuntu 17.04 April 13, 2017 July 20, 2017 4 18 14 0
124 Ubuntu 16.10 Oct. 13, 2016 July 28, 2016 6 24 8 0
125 Ubuntu 16.04 LTS 16.04.7 Aug. 13, 2020 April 21, 2016 April 30, 2021 April 30, 2024 239 852 1060 83
126 Ubuntu 15.10 Oct. 22, 2015 Feb. 4, 2016 20 148 162 24
127 Ubuntu 15.04 April 23, 2015 July 23, 2015 5 100 130 29
128 Ubuntu 14.10 Oct. 23, 2014 July 14, 2014 0 3 1 0
129 Ubuntu 14.04 LTS 14.04.6 March 7, 2019 April 17, 2014 April 30, 2019 April 30, 2022 216 844 1015 82
130 Ubuntu 13.10 Oct. 17, 2013 July 14, 2014 15 56 68 15
131 Ubuntu 13.04 April 25, 2013 Jan. 27, 2014 6 16 60 9
132 Ubuntu 12.04 LTS April 26, 2012 April 28, 2017 April 30, 2019 90 577 669 83
133 Ubuntu 11.10 Oct. 13, 2011 May 9, 2013 1 111 108 13
134 Ubuntu 11.04 April 28, 2011 Oct. 28, 2012 1 56 56 8
135 Ubuntu 10.10 Oct. 10, 2010 April 10, 2012 2 47 52 17
136 Ubuntu 9.10 Oct. 29, 2009 April 30, 2011 5 56 56 16
137 Ubuntu 9.04 April 23, 2009 Oct. 23, 2010 3 46 57 8
138 Ubuntu 8.10 Oct. 30, 2008 April 30, 2010 2 49 47 6
139 Ubuntu 8.04 LTS 8.04.4 Jan. 28, 2010 April 24, 2008 May 9, 2013 7 99 119 18
140 Ubuntu 7.10 Oct. 18, 2007 April 18, 2009 3 48 37 5
141 Ubuntu 7.04 April 19, 2007 Oct. 19, 2008 4 46 28 4
142 Ubuntu 6.10 Oct. 26, 2006 April 26, 2008 2 33 32 4
143 Ubuntu 5.10 Oct. 13, 2005 April 13, 2007 0 22 19 1
144 Ubuntu 5.04 April 8, 2005 Oct. 31, 2006 0 14 13 2
145 Ubuntu 4.10 Oct. 20, 2004 April 30, 2006 1 13 8 2
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2		 Level
Attach Vector		 Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date		 Show Affected Exploit
PoC
Search
111 3.3
2.1 		LOW
Local 		An integer underflow in dpdk versions before 18.11.10 and before 19.11.5 in the `move_desc` function can lead to large amounts of CPU cycles being eaten up in a long running loop. An attacker could c… CWE-191
 Integer Underflow (Wrap or Wraparound) 		CVE-2020-14378 cpe:2.3:o:canonical:ubuntu_linux:20.04:* 2024-11-21 14:03
2020-10-1 		Show GitHub Exploit DB Packet Storm
112 7.8
6.9 		HIGH
Local 		A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. A lack of bounds checking when copying iv_data from the VM guest memory into host memory can lead to a large buffer overflow. … CWE-120
Classic Buffer Overflow 		CVE-2020-14376 cpe:2.3:o:canonical:ubuntu_linux:20.04:* 2024-11-21 14:03
2020-10-1 		Show GitHub Exploit DB Packet Storm
113 7.8
4.4 		HIGH
Local 		A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. Virtio ring descriptors, and the data they describe are in a region of memory accessible by from both the virtual machine and … CWE-367
 Time-of-check Time-of-use (TOCTOU) Race Condition 		CVE-2020-14375 cpe:2.3:o:canonical:ubuntu_linux:20.04:* 2024-11-21 14:03
2020-10-1 		Show GitHub Exploit DB Packet Storm
114 7.1
3.6 		HIGH
Local 		A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. A complete lack of validation of attacker-controlled parameters can lead to a buffer over read. The results of the over read a… - CVE-2020-14377 cpe:2.3:o:canonical:ubuntu_linux:20.04:* 2024-11-21 14:03
2020-10-1 		Show GitHub Exploit DB Packet Storm
115 6.5
6.4 		MEDIUM
Network 		urllib3 before 1.25.9 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of putrequest(). NOTE: th… CWE-74
Injection 		CVE-2020-26137 cpe:2.3:o:canonical:ubuntu_linux:20.04:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 14:19
2020-10-1 		Show GitHub Exploit DB Packet Storm
116 7.2
6.4 		HIGH
Network 		http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by ins… CWE-74
Injection 		CVE-2020-26116 cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 14:19
2020-09-27 		Show GitHub Exploit DB Packet Storm
117 5.5
2.1 		MEDIUM
Local 		A missing CAP_NET_RAW check in NFC socket creation in net/nfc/rawsock.c in the Linux kernel before 5.8.2 could be used by local attackers to create raw sockets, bypassing security mechanisms, aka CID… CWE-276
Incorrect Default Permissions  		CVE-2020-26088 cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 14:19
2020-09-25 		Show GitHub Exploit DB Packet Storm
118 6.1
4.3 		MEDIUM
Network 		An issue was discovered in the gon gem before gon-6.4.0 for Ruby. MultiJson does not honor the escape_mode parameter to escape fields as an XSS protection mechanism. To mitigate, json_dumper.rb in go… CWE-79
Cross-site Scripting 		CVE-2020-25739 cpe:2.3:o:canonical:ubuntu_linux:18.04:* 2024-11-21 14:18
2020-09-23 		Show GitHub Exploit DB Packet Storm
119 4.7
1.9 		MEDIUM
Local 		An issue was discovered in the DBI module before 1.643 for Perl. The hv_fetch() documentation requires checking for NULL and the code does that. But, shortly thereafter, it calls SvOK(profile), causi… CWE-476
 NULL Pointer Dereference 		CVE-2019-20919 cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 13:39
2020-09-18 		Show GitHub Exploit DB Packet Storm
120 7.8
6.8 		HIGH
Local 		A vulnerability was found in upstream release cryptsetup-2.2.0 where, there's a bug in LUKS2 format validation code, that is effectively invoked on every device/image presenting itself as LUKS2 conta… CWE-787
 Out-of-bounds Write 		CVE-2020-14382 cpe:2.3:o:canonical:ubuntu_linux:20.04:* 2024-11-21 14:03
2020-09-17 		Show GitHub Exploit DB Packet Storm