Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Ubuntu Number Of NVD 4093 CRITICAL 341 HIGH 1595 MEDIUM 1941 LOW 216
URL https://ubuntu.com/
Explanation A release without LTS is a normal release and provides support for 9 months after it is released.
LTS (Long Term Support) provides support for five years.
After the end of LTS, we also offer a service that provides extended support (about 5 years) for a fee.
Tag
  • Linux
Add Information URL
No Type Name URL
1 https://ubuntu.com/about/release-cycle
2 https://wiki.ubuntu.com/
3 https://wiki.ubuntu.com/Releases
4 https://ubuntu.com/licensing
5 https://ubuntu.com/security/notices
List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support		 Extended
for a fee		 Critical High Medium Low
281 Ubuntu 24 24.04.3 Aug. 7, 2025 April 25, 2024 0 0 1 0
282 Ubuntu 23.04 23.04 April 24, 2023 April 24, 2023 April 30, 2024 1 5 2 0
283 Ubuntu 22.04 LTS 22.04.5 Sept. 12, 2024 April 21, 2022 April 30, 2027 April 30, 2032 1 25 11 0
284 Ubuntu 21.10 21.10 Oct. 14, 2021 Oct. 14, 2021 June 14, 2022 June 14, 2022 1 18 19 0
285 Ubuntu 21.04 21.04 April 22, 2021 April 22, 2021 Jan. 30, 2022 0 12 11 0
286 Ubuntu 20.10 20.10 Oct. 22, 2020 Oct. 22, 2020 July 30, 2021 0 5 13 1
287 Ubuntu 20.04 LTS 20.04.6 March 23, 2023 April 23, 2020 April 30, 2025 April 30, 2030 21 144 239 32
288 Ubuntu 19.10 Oct. 17, 2019 July 30, 2020 32 133 227 44
289 Ubuntu 19.04 April 18, 2019 Jan. 30, 2020 45 126 184 23
290 Ubuntu 18.10 Oct. 18, 2018 July 31, 2019 66 174 182 5
291 Ubuntu 18.04 LTS 18.04.6 Sept. 17, 2021 April 26, 2018 April 30, 2023 April 30, 2028 202 645 891 80
292 Ubuntu 17.10 Oct. 18, 2017 July 19, 2018 4 18 14 0
293 Ubuntu 17.04 April 13, 2017 July 20, 2017 4 18 14 0
294 Ubuntu 16.10 Oct. 13, 2016 July 28, 2016 6 24 8 0
295 Ubuntu 16.04 LTS 16.04.7 Aug. 13, 2020 April 21, 2016 April 30, 2021 April 30, 2024 239 852 1060 83
296 Ubuntu 15.10 Oct. 22, 2015 Feb. 4, 2016 20 148 162 24
297 Ubuntu 15.04 April 23, 2015 July 23, 2015 5 100 130 29
298 Ubuntu 14.10 Oct. 23, 2014 July 14, 2014 0 3 1 0
299 Ubuntu 14.04 LTS 14.04.6 March 7, 2019 April 17, 2014 April 30, 2019 April 30, 2022 216 844 1015 82
300 Ubuntu 13.10 Oct. 17, 2013 July 14, 2014 15 56 68 15
301 Ubuntu 13.04 April 25, 2013 Jan. 27, 2014 6 16 60 9
302 Ubuntu 12.04 LTS April 26, 2012 April 28, 2017 April 30, 2019 90 577 669 83
303 Ubuntu 11.10 Oct. 13, 2011 May 9, 2013 1 111 108 13
304 Ubuntu 11.04 April 28, 2011 Oct. 28, 2012 1 56 56 8
305 Ubuntu 10.10 Oct. 10, 2010 April 10, 2012 2 47 52 17
306 Ubuntu 9.10 Oct. 29, 2009 April 30, 2011 5 56 56 16
307 Ubuntu 9.04 April 23, 2009 Oct. 23, 2010 3 46 57 8
308 Ubuntu 8.10 Oct. 30, 2008 April 30, 2010 2 49 47 6
309 Ubuntu 8.04 LTS 8.04.4 Jan. 28, 2010 April 24, 2008 May 9, 2013 7 99 119 18
310 Ubuntu 7.10 Oct. 18, 2007 April 18, 2009 3 48 37 5
311 Ubuntu 7.04 April 19, 2007 Oct. 19, 2008 4 46 28 4
312 Ubuntu 6.10 Oct. 26, 2006 April 26, 2008 2 33 32 4
313 Ubuntu 5.10 Oct. 13, 2005 April 13, 2007 0 22 19 1
314 Ubuntu 5.04 April 8, 2005 Oct. 31, 2006 0 14 13 2
315 Ubuntu 4.10 Oct. 20, 2004 April 30, 2006 1 13 8 2
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2		 Level
Attach Vector		 Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date		 Show Affected Exploit
PoC
Search
281 9.8
7.5 		CRITICAL
Network 		It was discovered that websockets.c in LibVNCServer prior to 0.9.12 did not properly decode certain WebSocket frames. A malicious attacker could exploit this by sending specially crafted WebSocket fr… CWE-787
 Out-of-bounds Write 		CVE-2017-18922 cpe:2.3:o:canonical:ubuntu_linux:20.04:*
cpe:2.3:o:canonical:ubuntu_linux:19.10:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 12:21
2020-06-30 		Show GitHub Exploit DB Packet Storm
282 5.5
2.1 		MEDIUM
Local 		In the Linux kernel 4.4 through 5.7.6, usbtest_disconnect in drivers/usb/misc/usbtest.c has a memory leak, aka CID-28ebeb8db770. CWE-401
 Missing Release of Memory after Effective Lifetime 		CVE-2020-15393 cpe:2.3:o:canonical:ubuntu_linux:20.04:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 14:05
2020-06-30 		Show GitHub Exploit DB Packet Storm
283 7.5
5.0 		HIGH
Network 		In coturn before version 4.5.1.3, there is an issue whereby STUN/TURN response buffer is not initialized properly. There is a leak of information between different client connections. One client (an … - CVE-2020-4067 cpe:2.3:o:canonical:ubuntu_linux:20.04:*
cpe:2.3:o:canonical:ubuntu_linux:19.10:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 14:32
2020-06-30 		Show GitHub Exploit DB Packet Storm
284 5.5
2.1 		MEDIUM
Local 		In SQLite before 3.32.3, select.c mishandles query-flattener optimization, leading to a multiSelectOrderBy heap overflow because of misuse of transitive properties for constant propagation. CWE-787
 Out-of-bounds Write 		CVE-2020-15358 cpe:2.3:o:canonical:ubuntu_linux:20.04:* 2024-11-21 14:05
2020-06-27 		Show GitHub Exploit DB Packet Storm
285 7.5
5.0 		HIGH
Network 		A specially crafted sequence of HTTP/2 requests sent to Apache Tomcat 10.0.0-M1 to 10.0.0-M5, 9.0.0.M1 to 9.0.35 and 8.5.0 to 8.5.55 could trigger high CPU usage for several seconds. If a sufficient … NVD-CWE-noinfo
CVE-2020-11996 cpe:2.3:o:canonical:ubuntu_linux:20.04:* 2024-11-21 13:59
2020-06-27 		Show GitHub Exploit DB Packet Storm
286 6.5
4.3 		MEDIUM
Network 		A flaw was found in the Red Hat Ceph Storage RadosGW (Ceph Object Gateway). The vulnerability is related to the injection of HTTP headers via a CORS ExposeHeader tag. The newline character in the Exp… CWE-74
Injection 		CVE-2020-10753 cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:* 		2024-11-21 13:55
2020-06-27 		Show GitHub Exploit DB Packet Storm
287 5.5
2.1 		MEDIUM
Local 		An issue was discovered in OpenEXR before v2.5.2. Invalid chunkCount attributes could cause a heap buffer overflow in getChunkOffsetTableSize() in IlmImf/ImfMisc.cpp. CWE-787
 Out-of-bounds Write 		CVE-2020-15306 cpe:2.3:o:canonical:ubuntu_linux:20.04:*
cpe:2.3:o:canonical:ubuntu_linux:19.10:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 14:05
2020-06-26 		Show GitHub Exploit DB Packet Storm
288 5.5
2.1 		MEDIUM
Local 		An issue was discovered in OpenEXR before 2.5.2. Invalid input could cause a use-after-free in DeepScanLineInputFile::DeepScanLineInputFile() in IlmImf/ImfDeepScanLineInputFile.cpp. CWE-416
 Use After Free 		CVE-2020-15305 cpe:2.3:o:canonical:ubuntu_linux:20.04:*
cpe:2.3:o:canonical:ubuntu_linux:19.10:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 14:05
2020-06-26 		Show GitHub Exploit DB Packet Storm
289 4.7
1.9 		MEDIUM
Local 		NVIDIA Linux GPU Display Driver, all versions, contains a vulnerability in the UVM driver, in which a race condition may lead to a denial of service. CWE-362
Race Condition 		CVE-2020-5967 cpe:2.3:o:canonical:ubuntu_linux:20.04:*
cpe:2.3:o:canonical:ubuntu_linux:19.10:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 14:34
2020-06-26 		Show GitHub Exploit DB Packet Storm
290 8.1
6.8 		HIGH
Network 		In libImaging/SgiRleDecode.c in Pillow through 7.0.0, a number of out-of-bounds reads exist in the parsing of SGI image files, a different issue than CVE-2020-5311. CWE-125
Out-of-bounds Read 		CVE-2020-11538 cpe:2.3:o:canonical:ubuntu_linux:20.04:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 13:58
2020-06-26 		Show GitHub Exploit DB Packet Storm