Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Ubuntu Number Of NVD 4093 CRITICAL 341 HIGH 1595 MEDIUM 1941 LOW 216
URL https://ubuntu.com/
Explanation A release without LTS is a normal release and provides support for 9 months after it is released.
LTS (Long Term Support) provides support for five years.
After the end of LTS, we also offer a service that provides extended support (about 5 years) for a fee.
Tag
  • Linux
Add Information URL
No Type Name URL
1 https://ubuntu.com/about/release-cycle
2 https://wiki.ubuntu.com/
3 https://wiki.ubuntu.com/Releases
4 https://ubuntu.com/licensing
5 https://ubuntu.com/security/notices
List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support		 Extended
for a fee		 Critical High Medium Low
211 Ubuntu 24 24.04.3 Aug. 7, 2025 April 25, 2024 0 0 1 0
212 Ubuntu 23.04 23.04 April 24, 2023 April 24, 2023 April 30, 2024 1 5 2 0
213 Ubuntu 22.04 LTS 22.04.5 Sept. 12, 2024 April 21, 2022 April 30, 2027 April 30, 2032 1 25 11 0
214 Ubuntu 21.10 21.10 Oct. 14, 2021 Oct. 14, 2021 June 14, 2022 June 14, 2022 1 18 19 0
215 Ubuntu 21.04 21.04 April 22, 2021 April 22, 2021 Jan. 30, 2022 0 12 11 0
216 Ubuntu 20.10 20.10 Oct. 22, 2020 Oct. 22, 2020 July 30, 2021 0 5 13 1
217 Ubuntu 20.04 LTS 20.04.6 March 23, 2023 April 23, 2020 April 30, 2025 April 30, 2030 21 144 239 32
218 Ubuntu 19.10 Oct. 17, 2019 July 30, 2020 32 133 227 44
219 Ubuntu 19.04 April 18, 2019 Jan. 30, 2020 45 126 184 23
220 Ubuntu 18.10 Oct. 18, 2018 July 31, 2019 66 174 182 5
221 Ubuntu 18.04 LTS 18.04.6 Sept. 17, 2021 April 26, 2018 April 30, 2023 April 30, 2028 202 645 891 80
222 Ubuntu 17.10 Oct. 18, 2017 July 19, 2018 4 18 14 0
223 Ubuntu 17.04 April 13, 2017 July 20, 2017 4 18 14 0
224 Ubuntu 16.10 Oct. 13, 2016 July 28, 2016 6 24 8 0
225 Ubuntu 16.04 LTS 16.04.7 Aug. 13, 2020 April 21, 2016 April 30, 2021 April 30, 2024 239 852 1060 83
226 Ubuntu 15.10 Oct. 22, 2015 Feb. 4, 2016 20 148 162 24
227 Ubuntu 15.04 April 23, 2015 July 23, 2015 5 100 130 29
228 Ubuntu 14.10 Oct. 23, 2014 July 14, 2014 0 3 1 0
229 Ubuntu 14.04 LTS 14.04.6 March 7, 2019 April 17, 2014 April 30, 2019 April 30, 2022 216 844 1015 82
230 Ubuntu 13.10 Oct. 17, 2013 July 14, 2014 15 56 68 15
231 Ubuntu 13.04 April 25, 2013 Jan. 27, 2014 6 16 60 9
232 Ubuntu 12.04 LTS April 26, 2012 April 28, 2017 April 30, 2019 90 577 669 83
233 Ubuntu 11.10 Oct. 13, 2011 May 9, 2013 1 111 108 13
234 Ubuntu 11.04 April 28, 2011 Oct. 28, 2012 1 56 56 8
235 Ubuntu 10.10 Oct. 10, 2010 April 10, 2012 2 47 52 17
236 Ubuntu 9.10 Oct. 29, 2009 April 30, 2011 5 56 56 16
237 Ubuntu 9.04 April 23, 2009 Oct. 23, 2010 3 46 57 8
238 Ubuntu 8.10 Oct. 30, 2008 April 30, 2010 2 49 47 6
239 Ubuntu 8.04 LTS 8.04.4 Jan. 28, 2010 April 24, 2008 May 9, 2013 7 99 119 18
240 Ubuntu 7.10 Oct. 18, 2007 April 18, 2009 3 48 37 5
241 Ubuntu 7.04 April 19, 2007 Oct. 19, 2008 4 46 28 4
242 Ubuntu 6.10 Oct. 26, 2006 April 26, 2008 2 33 32 4
243 Ubuntu 5.10 Oct. 13, 2005 April 13, 2007 0 22 19 1
244 Ubuntu 5.04 April 8, 2005 Oct. 31, 2006 0 14 13 2
245 Ubuntu 4.10 Oct. 20, 2004 April 30, 2006 1 13 8 2
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2		 Level
Attach Vector		 Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date		 Show Affected Exploit
PoC
Search
211 5.9
1.9 		MEDIUM
Local 		It was discovered that snapctl user-open allowed altering the $XDG_DATA_DIRS environment variable when calling the system xdg-open. OpenURL() in usersession/userd/launcher.go would alter $XDG_DATA_DI… CWE-668
 Exposure of Resource to Wrong Sphere 		CVE-2020-11934 cpe:2.3:o:canonical:ubuntu_linux:20.04:*
cpe:2.3:o:canonical:ubuntu_linux:19.10:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 13:58
2020-07-30 		Show GitHub Exploit DB Packet Storm
212 6.8
4.6 		MEDIUM
Physics 		cloud-init as managed by snapd on Ubuntu Core 16 and Ubuntu Core 18 devices was run without restrictions on every boot, which a physical attacker could exploit by crafting cloud-init user-data/meta-d… NVD-CWE-Other
CVE-2020-11933 cpe:2.3:o:canonical:ubuntu_linux:20.04:*
cpe:2.3:o:canonical:ubuntu_linux:19.10:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 13:58
2020-07-30 		Show GitHub Exploit DB Packet Storm
213 9.8
7.5 		CRITICAL
Network 		A memory corruption issue was found in Artifex Ghostscript 9.50 and 9.52. Use of a non-standard PostScript operator can allow overriding of file access controls. The 'rsearch' calculation for the 'po… CWE-787
CWE-191
 Out-of-bounds Write
 Integer Underflow (Wrap or Wraparound) 		CVE-2020-15900 cpe:2.3:o:canonical:ubuntu_linux:20.04:* 2024-11-21 14:06
2020-07-29 		Show GitHub Exploit DB Packet Storm
214 5.3
4.4 		MEDIUM
Local 		hw/net/xgmac.c in the XGMAC Ethernet controller in QEMU before 07-20-2020 has a buffer overflow. This occurs during packet transmission and affects the highbank and midway emulated machines. A guest … CWE-787
 Out-of-bounds Write 		CVE-2020-15863 cpe:2.3:o:canonical:ubuntu_linux:20.04:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 14:06
2020-07-29 		Show GitHub Exploit DB Packet Storm
215 3.5
3.5 		LOW
Network 		In FreeRDP less than or equal to 2.1.2, an integer overflow exists due to missing input sanitation in rdpegfx channel. All FreeRDP clients are affected. The input rectangles from the server are not c… - CVE-2020-15103 cpe:2.3:o:canonical:ubuntu_linux:20.04:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:* 		2024-11-21 14:04
2020-07-28 		Show GitHub Exploit DB Packet Storm
216 6.5
4.3 		MEDIUM
Network 		Inappropriate implementation in WebRTC in Google Chrome prior to 84.0.4147.89 allowed an attacker in a privileged network position to potentially exploit heap corruption via a crafted SCTP stream. CWE-200
Information Exposure 		CVE-2020-6514 cpe:2.3:o:canonical:ubuntu_linux:20.04:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 14:35
2020-07-23 		Show GitHub Exploit DB Packet Storm
217 7.5
5.0 		HIGH
Network 		LuaJit through 2.1.0-beta3 has an out-of-bounds read because __gc handler frame traversal is mishandled. CWE-125
Out-of-bounds Read 		CVE-2020-15890 cpe:2.3:o:canonical:ubuntu_linux:16.04:* 2024-11-21 14:06
2020-07-22 		Show GitHub Exploit DB Packet Storm
218 7.5
5.0 		HIGH
Network 		A vulnerability in the EGG archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.102.0 - 0.102.3 could allow an unauthenticated, remote attacker to cause a denial of service condition… CWE-476
 NULL Pointer Dereference 		CVE-2020-3481 cpe:2.3:o:canonical:ubuntu_linux:20.04:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 14:31
2020-07-21 		Show GitHub Exploit DB Packet Storm
219 5.9
4.3 		MEDIUM
Network 		evolution-data-server (eds) through 3.36.3 has a STARTTLS buffering issue that affects SMTP and POP3. When a server sends a "begin TLS" response, eds reads additional data and evaluates it in a TLS c… CWE-74
Injection 		CVE-2020-14928 cpe:2.3:o:canonical:ubuntu_linux:20.04:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 14:04
2020-07-18 		Show GitHub Exploit DB Packet Storm
220 9.8
7.5 		CRITICAL
Network 		The kramdown gem before 2.3.0 for Ruby processes the template option inside Kramdown documents by default, which allows unintended read access (such as template="/etc/passwd") or unintended embedded … CWE-862
 Missing Authorization 		CVE-2020-14001 cpe:2.3:o:canonical:ubuntu_linux:20.04:* 2024-11-21 14:02
2020-07-18 		Show GitHub Exploit DB Packet Storm