Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Ubuntu Number Of NVD 4093 CRITICAL 341 HIGH 1595 MEDIUM 1941 LOW 216
URL https://ubuntu.com/
Explanation A release without LTS is a normal release and provides support for 9 months after it is released.
LTS (Long Term Support) provides support for five years.
After the end of LTS, we also offer a service that provides extended support (about 5 years) for a fee.
Tag
  • Linux

Add Information URL
No Type Name URL
1 https://ubuntu.com/about/release-cycle
2 https://wiki.ubuntu.com/
3 https://wiki.ubuntu.com/Releases
4 https://ubuntu.com/licensing
5 https://ubuntu.com/security/notices

List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support
Extended
for a fee
Critical High Medium Low
2801 Ubuntu 26.04 LTS 26.04 April 23, 2026 April 23, 2026 0 0 0 0
2802 Ubuntu 24 24.04.3 Aug. 7, 2025 April 25, 2024 0 0 1 0
2803 Ubuntu 23.04 23.04 April 24, 2023 April 24, 2023 April 30, 2024 1 5 2 0
2804 Ubuntu 22.04 LTS 22.04.5 Sept. 12, 2024 April 21, 2022 April 30, 2027 April 30, 2032 1 25 11 0
2805 Ubuntu 21.10 21.10 Oct. 14, 2021 Oct. 14, 2021 June 14, 2022 June 14, 2022 1 18 19 0
2806 Ubuntu 21.04 21.04 April 22, 2021 April 22, 2021 Jan. 30, 2022 0 12 11 0
2807 Ubuntu 20.10 20.10 Oct. 22, 2020 Oct. 22, 2020 July 30, 2021 0 5 13 1
2808 Ubuntu 20.04 LTS 20.04.6 March 23, 2023 April 23, 2020 April 30, 2025 April 30, 2030 21 144 239 32
2809 Ubuntu 19.10 Oct. 17, 2019 July 30, 2020 32 133 227 44
2810 Ubuntu 19.04 April 18, 2019 Jan. 30, 2020 45 126 184 23
2811 Ubuntu 18.10 Oct. 18, 2018 July 31, 2019 66 174 182 5
2812 Ubuntu 18.04 LTS 18.04.6 Sept. 17, 2021 April 26, 2018 April 30, 2023 April 30, 2028 202 645 891 80
2813 Ubuntu 17.10 Oct. 18, 2017 July 19, 2018 4 18 14 0
2814 Ubuntu 17.04 April 13, 2017 July 20, 2017 4 18 14 0
2815 Ubuntu 16.10 Oct. 13, 2016 July 28, 2016 6 24 8 0
2816 Ubuntu 16.04 LTS 16.04.7 Aug. 13, 2020 April 21, 2016 April 30, 2021 April 30, 2024 239 852 1060 83
2817 Ubuntu 15.10 Oct. 22, 2015 Feb. 4, 2016 20 148 162 24
2818 Ubuntu 15.04 April 23, 2015 July 23, 2015 5 100 130 29
2819 Ubuntu 14.10 Oct. 23, 2014 July 14, 2014 0 3 1 0
2820 Ubuntu 14.04 LTS 14.04.6 March 7, 2019 April 17, 2014 April 30, 2019 April 30, 2022 216 844 1015 82
2821 Ubuntu 13.10 Oct. 17, 2013 July 14, 2014 15 56 68 15
2822 Ubuntu 13.04 April 25, 2013 Jan. 27, 2014 6 16 60 9
2823 Ubuntu 12.04 LTS April 26, 2012 April 28, 2017 April 30, 2019 90 577 669 83
2824 Ubuntu 11.10 Oct. 13, 2011 May 9, 2013 1 111 108 13
2825 Ubuntu 11.04 April 28, 2011 Oct. 28, 2012 1 56 56 8
2826 Ubuntu 10.10 Oct. 10, 2010 April 10, 2012 2 47 52 17
2827 Ubuntu 9.10 Oct. 29, 2009 April 30, 2011 5 56 56 16
2828 Ubuntu 9.04 April 23, 2009 Oct. 23, 2010 3 46 57 8
2829 Ubuntu 8.10 Oct. 30, 2008 April 30, 2010 2 49 47 6
2830 Ubuntu 8.04 LTS 8.04.4 Jan. 28, 2010 April 24, 2008 May 9, 2013 7 99 119 18
2831 Ubuntu 7.10 Oct. 18, 2007 April 18, 2009 3 48 37 5
2832 Ubuntu 7.04 April 19, 2007 Oct. 19, 2008 4 46 28 4
2833 Ubuntu 6.10 Oct. 26, 2006 April 26, 2008 2 33 32 4
2834 Ubuntu 5.10 Oct. 13, 2005 April 13, 2007 0 22 19 1
2835 Ubuntu 5.04 April 8, 2005 Oct. 31, 2006 0 14 13 2
2836 Ubuntu 4.10 Oct. 20, 2004 April 30, 2006 1 13 8 2
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2
Level
Attach Vector
Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date
Show Affected Exploit
PoC
Search
2801 -
4.0
MEDIUM Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66, and Java SE Embedded 8u65 allows remote authenticated users to affect confidentiality… NVD-CWE-noinfo
CVE-2016-0448 cpe:2.3:o:canonical:ubuntu_linux:15.10:*
cpe:2.3:o:canonical:ubuntu_linux:15.04:*
cpe:2.3:o:canonical:ubuntu_linu…
2024-11-21 11:41
2016-01-21
Show GitHub Exploit DB Packet Storm
2802 -
5.0
MEDIUM Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66 and Java SE Embedded 8u65 allows remote attackers to affect integrity via unknown vect… NVD-CWE-noinfo
CVE-2016-0402 cpe:2.3:o:canonical:ubuntu_linux:15.10:*
cpe:2.3:o:canonical:ubuntu_linux:15.04:*
cpe:2.3:o:canonical:ubuntu_linu…
2024-11-21 11:41
2016-01-21
Show GitHub Exploit DB Packet Storm
2803 5.5
4.3
MEDIUM
Local
FFmpeg 2.x allows remote attackers to conduct cross-origin attacks and read arbitrary files by using the subfile protocol in an HTTP Live Streaming (HLS) M3U8 file, leading to an external HTTP reques… CWE-200
Information Exposure
CVE-2016-1898 cpe:2.3:o:canonical:ubuntu_linux:12.04:* 2024-11-21 11:47
2016-01-15
Show GitHub Exploit DB Packet Storm
2804 5.5
4.3
MEDIUM
Local
FFmpeg 2.x allows remote attackers to conduct cross-origin attacks and read arbitrary files by using the concat protocol in an HTTP Live Streaming (HLS) M3U8 file, leading to an external HTTP request… CWE-200
Information Exposure
CVE-2016-1897 cpe:2.3:o:canonical:ubuntu_linux:12.04:* 2024-11-21 11:47
2016-01-15
Show GitHub Exploit DB Packet Storm
2805 6.5
5.7
MEDIUM
Adjacent
ISC DHCP 4.x before 4.1-ESV-R12-P1, 4.2.x, and 4.3.x before 4.3.3-P1 allows remote attackers to cause a denial of service (application crash) via an invalid length field in a UDP IPv4 packet. CWE-20
 Improper Input Validation 
CVE-2015-8605 cpe:2.3:o:canonical:ubuntu_linux:15.10:*
cpe:2.3:o:canonical:ubuntu_linux:15.04:*
cpe:2.3:o:canonical:ubuntu_linu…
2024-11-21 11:38
2016-01-15
Show GitHub Exploit DB Packet Storm
2806 7.3
7.5
HIGH
Network
The canonpath function in the File::Spec module in PathTools before 3.62, as used in Perl, does not properly preserve the taint attribute of data, which might allow context-dependent attackers to byp… CWE-20
 Improper Input Validation 
CVE-2015-8607 cpe:2.3:o:canonical:ubuntu_linux:15.10:*
cpe:2.3:o:canonical:ubuntu_linux:15.04:*
2024-11-21 11:38
2016-01-14
Show GitHub Exploit DB Packet Storm
2807 8.6
7.8
HIGH
Network
The VNC websocket frame decoder in QEMU allows remote attackers to cause a denial of service (memory and CPU consumption) via a large (1) websocket payload or (2) HTTP headers section. CWE-400
 Uncontrolled Resource Consumption
CVE-2015-1779 cpe:2.3:o:canonical:ubuntu_linux:15.04:*
cpe:2.3:o:canonical:ubuntu_linux:14.10:*
cpe:2.3:o:canonical:ubuntu_linu…
2024-11-21 11:26
2016-01-13
Show GitHub Exploit DB Packet Storm
2808 5.9
4.3
MEDIUM
Network
Mozilla Network Security Services (NSS) before 3.20.2, as used in Mozilla Firefox before 43.0.2 and Firefox ESR 38.x before 38.5.2, does not reject MD5 signatures in Server Key Exchange messages in T… CWE-19
 Data Processing Errors
CVE-2015-7575 cpe:2.3:o:canonical:ubuntu_linux:15.10:*
cpe:2.3:o:canonical:ubuntu_linux:15.04:*
cpe:2.3:o:canonical:ubuntu_linu…
2024-11-21 11:37
2016-01-9
Show GitHub Exploit DB Packet Storm
2809 9.0
9.3
CRITICAL
Network
The FontManager._get_nix_font_path function in formatters/img.py in Pygments 1.2.2 through 2.0.2 allows remote attackers to execute arbitrary commands via shell metacharacters in a font name. CWE-78
OS Command 
CVE-2015-8557 cpe:2.3:o:canonical:ubuntu_linux:15.10:*
cpe:2.3:o:canonical:ubuntu_linux:15.04:*
cpe:2.3:o:canonical:ubuntu_linu…
2024-11-21 11:38
2016-01-9
Show GitHub Exploit DB Packet Storm
2810 7.5
6.0
HIGH
Network
The samldb_check_user_account_control_acl function in dsdb/samdb/ldb_modules/samldb.c in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3 does not properly check for administrative… CWE-269
 Improper Privilege Management
CVE-2015-8467 cpe:2.3:o:canonical:ubuntu_linux:15.10:*
cpe:2.3:o:canonical:ubuntu_linux:15.04:*
cpe:2.3:o:canonical:ubuntu_linu…
2024-11-21 11:38
2015-12-30
Show GitHub Exploit DB Packet Storm