Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Ubuntu Number Of NVD 4093 CRITICAL 341 HIGH 1595 MEDIUM 1941 LOW 216
URL https://ubuntu.com/
Explanation A release without LTS is a normal release and provides support for 9 months after it is released.
LTS (Long Term Support) provides support for five years.
After the end of LTS, we also offer a service that provides extended support (about 5 years) for a fee.
Tag
  • Linux
Add Information URL
No Type Name URL
1 https://ubuntu.com/about/release-cycle
2 https://wiki.ubuntu.com/
3 https://wiki.ubuntu.com/Releases
4 https://ubuntu.com/licensing
5 https://ubuntu.com/security/notices
List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support		 Extended
for a fee		 Critical High Medium Low
1231 Ubuntu 24 24.04.3 Aug. 7, 2025 April 25, 2024 0 0 1 0
1232 Ubuntu 23.04 23.04 April 24, 2023 April 24, 2023 April 30, 2024 1 5 2 0
1233 Ubuntu 22.04 LTS 22.04.5 Sept. 12, 2024 April 21, 2022 April 30, 2027 April 30, 2032 1 25 11 0
1234 Ubuntu 21.10 21.10 Oct. 14, 2021 Oct. 14, 2021 June 14, 2022 June 14, 2022 1 18 19 0
1235 Ubuntu 21.04 21.04 April 22, 2021 April 22, 2021 Jan. 30, 2022 0 12 11 0
1236 Ubuntu 20.10 20.10 Oct. 22, 2020 Oct. 22, 2020 July 30, 2021 0 5 13 1
1237 Ubuntu 20.04 LTS 20.04.6 March 23, 2023 April 23, 2020 April 30, 2025 April 30, 2030 21 144 239 32
1238 Ubuntu 19.10 Oct. 17, 2019 July 30, 2020 32 133 227 44
1239 Ubuntu 19.04 April 18, 2019 Jan. 30, 2020 45 126 184 23
1240 Ubuntu 18.10 Oct. 18, 2018 July 31, 2019 66 174 182 5
1241 Ubuntu 18.04 LTS 18.04.6 Sept. 17, 2021 April 26, 2018 April 30, 2023 April 30, 2028 202 645 891 80
1242 Ubuntu 17.10 Oct. 18, 2017 July 19, 2018 4 18 14 0
1243 Ubuntu 17.04 April 13, 2017 July 20, 2017 4 18 14 0
1244 Ubuntu 16.10 Oct. 13, 2016 July 28, 2016 6 24 8 0
1245 Ubuntu 16.04 LTS 16.04.7 Aug. 13, 2020 April 21, 2016 April 30, 2021 April 30, 2024 239 852 1060 83
1246 Ubuntu 15.10 Oct. 22, 2015 Feb. 4, 2016 20 148 162 24
1247 Ubuntu 15.04 April 23, 2015 July 23, 2015 5 100 130 29
1248 Ubuntu 14.10 Oct. 23, 2014 July 14, 2014 0 3 1 0
1249 Ubuntu 14.04 LTS 14.04.6 March 7, 2019 April 17, 2014 April 30, 2019 April 30, 2022 216 844 1015 82
1250 Ubuntu 13.10 Oct. 17, 2013 July 14, 2014 15 56 68 15
1251 Ubuntu 13.04 April 25, 2013 Jan. 27, 2014 6 16 60 9
1252 Ubuntu 12.04 LTS April 26, 2012 April 28, 2017 April 30, 2019 90 577 669 83
1253 Ubuntu 11.10 Oct. 13, 2011 May 9, 2013 1 111 108 13
1254 Ubuntu 11.04 April 28, 2011 Oct. 28, 2012 1 56 56 8
1255 Ubuntu 10.10 Oct. 10, 2010 April 10, 2012 2 47 52 17
1256 Ubuntu 9.10 Oct. 29, 2009 April 30, 2011 5 56 56 16
1257 Ubuntu 9.04 April 23, 2009 Oct. 23, 2010 3 46 57 8
1258 Ubuntu 8.10 Oct. 30, 2008 April 30, 2010 2 49 47 6
1259 Ubuntu 8.04 LTS 8.04.4 Jan. 28, 2010 April 24, 2008 May 9, 2013 7 99 119 18
1260 Ubuntu 7.10 Oct. 18, 2007 April 18, 2009 3 48 37 5
1261 Ubuntu 7.04 April 19, 2007 Oct. 19, 2008 4 46 28 4
1262 Ubuntu 6.10 Oct. 26, 2006 April 26, 2008 2 33 32 4
1263 Ubuntu 5.10 Oct. 13, 2005 April 13, 2007 0 22 19 1
1264 Ubuntu 5.04 April 8, 2005 Oct. 31, 2006 0 14 13 2
1265 Ubuntu 4.10 Oct. 20, 2004 April 30, 2006 1 13 8 2
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2		 Level
Attach Vector		 Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date		 Show Affected Exploit
PoC
Search
1231 8.8
6.8 		HIGH
Network 		do_bid_note in readelf.c in libmagic.a in file 5.35 has a stack-based buffer over-read, related to file_printf and file_vprintf. CWE-125
Out-of-bounds Read 		CVE-2019-8904 cpe:2.3:o:canonical:ubuntu_linux:18.10:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 13:50
2019-02-19 		Show GitHub Exploit DB Packet Storm
1232 5.0
4.3 		MEDIUM
Local 		An issue was discovered in SoX 14.4.2. lsx_make_lpf in effect_i_dsp.c has an integer overflow on the result of multiplication fed into malloc. When the buffer is allocated, it is smaller than expecte… CWE-787
CWE-190
 Out-of-bounds Write
 Integer Overflow or Wraparound 		CVE-2019-8354 cpe:2.3:o:canonical:ubuntu_linux:19.04:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 13:49
2019-02-16 		Show GitHub Exploit DB Packet Storm
1233 8.1
6.8 		HIGH
Network 		In the Linux kernel before 4.20.8, kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandles reference counting because of a race condition, leading to a use-after-free. CWE-362
CWE-416
Race Condition
 Use After Free 		CVE-2019-6974 cpe:2.3:o:canonical:ubuntu_linux:18.10:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 13:47
2019-02-16 		Show GitHub Exploit DB Packet Storm
1234 7.8
2.1 		HIGH
Local 		In pam/gkr-pam-module.c in GNOME Keyring before 3.27.2, the user's password is kept in a session-child process spawned from the LightDM daemon. This can expose the credential in cleartext. CWE-522
 Insufficiently Protected Credentials 		CVE-2018-20781 cpe:2.3:o:canonical:ubuntu_linux:16.04:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:* 		2024-11-21 13:02
2019-02-13 		Show GitHub Exploit DB Packet Storm
1235 8.6
9.3 		HIGH
Local 		runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to e… CWE-78
OS Command  		CVE-2019-5736 cpe:2.3:o:canonical:ubuntu_linux:19.04:*
cpe:2.3:o:canonical:ubuntu_linux:18.10:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 13:45
2019-02-12 		Show GitHub Exploit DB Packet Storm
1236 7.5
5.0 		HIGH
Network 		Django 1.11.x before 1.11.19, 2.0.x before 2.0.11, and 2.1.x before 2.1.6 allows Uncontrolled Memory Consumption via a malicious attacker-supplied value to the django.utils.numberformat.format() func… CWE-770
 Allocation of Resources Without Limits or Throttling 		CVE-2019-6975 cpe:2.3:o:canonical:ubuntu_linux:18.10:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 13:47
2019-02-11 		Show GitHub Exploit DB Packet Storm
1237 6.5
4.3 		MEDIUM
Network 		An Invalid Address dereference was discovered in TIFFWriteDirectoryTagTransferfunction in libtiff/tif_dirwrite.c in LibTIFF 4.0.10, affecting the cpSeparateBufToContigBuf function in tiffcp.c. Remote… NVD-CWE-noinfo
CVE-2019-7663 cpe:2.3:o:canonical:ubuntu_linux:18.10:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 13:48
2019-02-10 		Show GitHub Exploit DB Packet Storm
1238 5.5
4.3 		MEDIUM
Local 		In elfutils 0.175, a heap-based buffer over-read was discovered in the function elf32_xlatetom in elf32_xlatetom.c in libelf. A crafted ELF input can cause a segmentation fault leading to denial of s… CWE-125
Out-of-bounds Read 		CVE-2019-7665 cpe:2.3:o:canonical:ubuntu_linux:18.10:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 13:48
2019-02-10 		Show GitHub Exploit DB Packet Storm
1239 9.8
7.5 		CRITICAL
Network 		The Debian python-rdflib-tools 4.2.2-1 package for RDFLib 4.2.2 has CLI tools that can load Python modules from the current working directory, allowing code injection, because "python -m" looks in th… CWE-427
 Uncontrolled Search Path Element 		CVE-2019-7653 cpe:2.3:o:canonical:ubuntu_linux:16.04:* 2024-11-21 13:48
2019-02-9 		Show GitHub Exploit DB Packet Storm
1240 8.8
6.8 		HIGH
Network 		SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in Map1toN in video/SDL_pixels.c. CWE-125
Out-of-bounds Read 		CVE-2019-7638 cpe:2.3:o:canonical:ubuntu_linux:19.04:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 13:48
2019-02-8 		Show GitHub Exploit DB Packet Storm