Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Ubuntu Number Of NVD 4093 CRITICAL 341 HIGH 1595 MEDIUM 1941 LOW 216
URL https://ubuntu.com/
Explanation A release without LTS is a normal release and provides support for 9 months after it is released.
LTS (Long Term Support) provides support for five years.
After the end of LTS, we also offer a service that provides extended support (about 5 years) for a fee.
Tag
  • Linux
Add Information URL
No Type Name URL
1 https://ubuntu.com/about/release-cycle
2 https://wiki.ubuntu.com/
3 https://wiki.ubuntu.com/Releases
4 https://ubuntu.com/licensing
5 https://ubuntu.com/security/notices
List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support		 Extended
for a fee		 Critical High Medium Low
201 Ubuntu 24 24.04.3 Aug. 7, 2025 April 25, 2024 0 0 1 0
202 Ubuntu 23.04 23.04 April 24, 2023 April 24, 2023 April 30, 2024 1 5 2 0
203 Ubuntu 22.04 LTS 22.04.5 Sept. 12, 2024 April 21, 2022 April 30, 2027 April 30, 2032 1 25 11 0
204 Ubuntu 21.10 21.10 Oct. 14, 2021 Oct. 14, 2021 June 14, 2022 June 14, 2022 1 18 19 0
205 Ubuntu 21.04 21.04 April 22, 2021 April 22, 2021 Jan. 30, 2022 0 12 11 0
206 Ubuntu 20.10 20.10 Oct. 22, 2020 Oct. 22, 2020 July 30, 2021 0 5 13 1
207 Ubuntu 20.04 LTS 20.04.6 March 23, 2023 April 23, 2020 April 30, 2025 April 30, 2030 21 144 239 32
208 Ubuntu 19.10 Oct. 17, 2019 July 30, 2020 32 133 227 44
209 Ubuntu 19.04 April 18, 2019 Jan. 30, 2020 45 126 184 23
210 Ubuntu 18.10 Oct. 18, 2018 July 31, 2019 66 174 182 5
211 Ubuntu 18.04 LTS 18.04.6 Sept. 17, 2021 April 26, 2018 April 30, 2023 April 30, 2028 202 645 891 80
212 Ubuntu 17.10 Oct. 18, 2017 July 19, 2018 4 18 14 0
213 Ubuntu 17.04 April 13, 2017 July 20, 2017 4 18 14 0
214 Ubuntu 16.10 Oct. 13, 2016 July 28, 2016 6 24 8 0
215 Ubuntu 16.04 LTS 16.04.7 Aug. 13, 2020 April 21, 2016 April 30, 2021 April 30, 2024 239 852 1060 83
216 Ubuntu 15.10 Oct. 22, 2015 Feb. 4, 2016 20 148 162 24
217 Ubuntu 15.04 April 23, 2015 July 23, 2015 5 100 130 29
218 Ubuntu 14.10 Oct. 23, 2014 July 14, 2014 0 3 1 0
219 Ubuntu 14.04 LTS 14.04.6 March 7, 2019 April 17, 2014 April 30, 2019 April 30, 2022 216 844 1015 82
220 Ubuntu 13.10 Oct. 17, 2013 July 14, 2014 15 56 68 15
221 Ubuntu 13.04 April 25, 2013 Jan. 27, 2014 6 16 60 9
222 Ubuntu 12.04 LTS April 26, 2012 April 28, 2017 April 30, 2019 90 577 669 83
223 Ubuntu 11.10 Oct. 13, 2011 May 9, 2013 1 111 108 13
224 Ubuntu 11.04 April 28, 2011 Oct. 28, 2012 1 56 56 8
225 Ubuntu 10.10 Oct. 10, 2010 April 10, 2012 2 47 52 17
226 Ubuntu 9.10 Oct. 29, 2009 April 30, 2011 5 56 56 16
227 Ubuntu 9.04 April 23, 2009 Oct. 23, 2010 3 46 57 8
228 Ubuntu 8.10 Oct. 30, 2008 April 30, 2010 2 49 47 6
229 Ubuntu 8.04 LTS 8.04.4 Jan. 28, 2010 April 24, 2008 May 9, 2013 7 99 119 18
230 Ubuntu 7.10 Oct. 18, 2007 April 18, 2009 3 48 37 5
231 Ubuntu 7.04 April 19, 2007 Oct. 19, 2008 4 46 28 4
232 Ubuntu 6.10 Oct. 26, 2006 April 26, 2008 2 33 32 4
233 Ubuntu 5.10 Oct. 13, 2005 April 13, 2007 0 22 19 1
234 Ubuntu 5.04 April 8, 2005 Oct. 31, 2006 0 14 13 2
235 Ubuntu 4.10 Oct. 20, 2004 April 30, 2006 1 13 8 2
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2		 Level
Attach Vector		 Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date		 Show Affected Exploit
PoC
Search
201 5.5
2.1 		MEDIUM
Local 		A flaw was found in the way xserver memory was not properly initialized. This could leak parts of server memory to the X client. In cases where Xorg server runs with elevated privileges, this could r… - CVE-2020-14347 cpe:2.3:o:canonical:ubuntu_linux:20.04:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 14:03
2020-08-5 		Show GitHub Exploit DB Packet Storm
202 6.7
4.6 		MEDIUM
Local 		An integer overflow leading to a heap-buffer overflow was found in The X Input Method (XIM) client was implemented in libX11 before version 1.6.10. As per upstream this is security relevant when setu… CWE-190
 Integer Overflow or Wraparound 		CVE-2020-14344 cpe:2.3:o:canonical:ubuntu_linux:20.04:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 14:03
2020-08-5 		Show GitHub Exploit DB Packet Storm
203 3.3
4.3 		LOW
Local 		In kerfuffle/jobs.cpp in KDE Ark before 20.08.0, a crafted archive can install files outside the extraction directory via ../ directory traversal. CWE-22
Path Traversal 		CVE-2020-16116 cpe:2.3:o:canonical:ubuntu_linux:20.04:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:* 		2024-11-21 14:06
2020-08-4 		Show GitHub Exploit DB Packet Storm
204 6.0
3.6 		MEDIUM
Local 		There is an issue with grub2 before version 2.06 while handling symlink on ext filesystems. A filesystem containing a symbolic link with an inode size of UINT32_MAX causes an arithmetic overflow lead… - CVE-2020-14311 cpe:2.3:o:canonical:ubuntu_linux:20.04:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 14:02
2020-08-1 		Show GitHub Exploit DB Packet Storm
205 6.0
3.6 		MEDIUM
Local 		There is an issue on grub2 before version 2.06 at function read_section_as_string(). It expects a font name to be at max UINT32_MAX - 1 length in bytes but it doesn't verify it before proceed with bu… CWE-190
 Integer Overflow or Wraparound 		CVE-2020-14310 cpe:2.3:o:canonical:ubuntu_linux:20.04:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 14:02
2020-08-1 		Show GitHub Exploit DB Packet Storm
206 3.7
4.3 		LOW
Network 		The Linux kernel through 5.7.11 allows remote attackers to make observations that help to obtain sensitive information about the internal state of the network RNG, aka CID-f227e3ec3b5c. This is relat… CWE-330
 Use of Insufficiently Random Values 		CVE-2020-16166 cpe:2.3:o:canonical:ubuntu_linux:20.04:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 14:06
2020-07-31 		Show GitHub Exploit DB Packet Storm
207 5.9
4.3 		MEDIUM
Network 		libssh 0.9.4 has a NULL pointer dereference in tftpserver.c if ssh_buffer_new returns NULL. CWE-476
 NULL Pointer Dereference 		CVE-2020-16135 cpe:2.3:o:canonical:ubuntu_linux:20.04:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 14:06
2020-07-30 		Show GitHub Exploit DB Packet Storm
208 6.4
4.4 		MEDIUM
Local 		Integer overflows were discovered in the functions grub_cmd_initrd and grub_initrd_init in the efilinux component of GRUB2, as shipped in Debian, Red Hat, and Ubuntu (the functionality is not include… CWE-362
CWE-190
Race Condition
 Integer Overflow or Wraparound 		CVE-2020-15707 cpe:2.3:o:canonical:ubuntu_linux:20.04:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 14:06
2020-07-30 		Show GitHub Exploit DB Packet Storm
209 6.4
4.4 		MEDIUM
Local 		GRUB2 contains a race condition in grub_script_function_create() leading to a use-after-free vulnerability which can be triggered by redefining a function whilst the same function is already executin… CWE-362
CWE-416
Race Condition
 Use After Free 		CVE-2020-15706 cpe:2.3:o:canonical:ubuntu_linux:20.04:*
cpe:2.3:o:canonical:ubuntu_linux:20.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 14:06
2020-07-30 		Show GitHub Exploit DB Packet Storm
210 6.4
4.4 		MEDIUM
Local 		GRUB2 fails to validate kernel signature when booted directly without shim, allowing secure boot to be bypassed. This only affects systems where the kernel signing certificate has been imported direc… CWE-347
 Improper Verification of Cryptographic Signature 		CVE-2020-15705 cpe:2.3:o:canonical:ubuntu_linux:20.04:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 14:06
2020-07-30 		Show GitHub Exploit DB Packet Storm