Software Detail

Software Informaton Top

Operating Systems

Software Detail

Ubuntu

Number Of NVD

4093

CRITICAL

341

HIGH

1595

MEDIUM

1941

LOW

216

URL	https://ubuntu.com/
Explanation	A release without LTS is a normal release and provides support for 9 months after it is released. LTS (Long Term Support) provides support for five years. After the end of LTS, we also offer a service that provides extended support (about 5 years) for a fee.
Tag	Linux

Add Information URL

No	Type	Name	URL
1			https://ubuntu.com/about/release-cycle
2			https://wiki.ubuntu.com/
3			https://wiki.ubuntu.com/Releases
4			https://ubuntu.com/licensing
5			https://ubuntu.com/security/notices

List Of Product [ Click to show release history and vulnerability information ]

No	Name	Latest Version	Release date	Initial release	Normal Support	Extended for a fee	Critical	High	Medium	Low
3041	Ubuntu 24	24.04.3	Aug. 7, 2025	April 25, 2024			0	0	1	0
3042	Ubuntu 23.04	23.04	April 24, 2023	April 24, 2023	April 30, 2024		1	5	2	0
3043	Ubuntu 22.04 LTS	22.04.5	Sept. 12, 2024	April 21, 2022	April 30, 2027	April 30, 2032	1	25	11	0
3044	Ubuntu 21.10	21.10	Oct. 14, 2021	Oct. 14, 2021	June 14, 2022	June 14, 2022	1	18	19	0
3045	Ubuntu 21.04	21.04	April 22, 2021	April 22, 2021	Jan. 30, 2022		0	12	11	0
3046	Ubuntu 20.10	20.10	Oct. 22, 2020	Oct. 22, 2020	July 30, 2021		0	5	13	1
3047	Ubuntu 20.04 LTS	20.04.6	March 23, 2023	April 23, 2020	April 30, 2025	April 30, 2030	21	144	239	32
3048	Ubuntu 19.10			Oct. 17, 2019	July 30, 2020		32	133	227	44
3049	Ubuntu 19.04			April 18, 2019	Jan. 30, 2020		45	126	184	23
3050	Ubuntu 18.10			Oct. 18, 2018	July 31, 2019		66	174	182	5
3051	Ubuntu 18.04 LTS	18.04.6	Sept. 17, 2021	April 26, 2018	April 30, 2023	April 30, 2028	202	645	891	80
3052	Ubuntu 17.10			Oct. 18, 2017	July 19, 2018		4	18	14	0
3053	Ubuntu 17.04			April 13, 2017	July 20, 2017		4	18	14	0
3054	Ubuntu 16.10			Oct. 13, 2016	July 28, 2016		6	24	8	0
3055	Ubuntu 16.04 LTS	16.04.7	Aug. 13, 2020	April 21, 2016	April 30, 2021	April 30, 2024	239	852	1060	83
3056	Ubuntu 15.10			Oct. 22, 2015	Feb. 4, 2016		20	148	162	24
3057	Ubuntu 15.04			April 23, 2015	July 23, 2015		5	100	130	29
3058	Ubuntu 14.10			Oct. 23, 2014	July 14, 2014		0	3	1	0
3059	Ubuntu 14.04 LTS	14.04.6	March 7, 2019	April 17, 2014	April 30, 2019	April 30, 2022	216	844	1015	82
3060	Ubuntu 13.10			Oct. 17, 2013	July 14, 2014		15	56	68	15
3061	Ubuntu 13.04			April 25, 2013	Jan. 27, 2014		6	16	60	9
3062	Ubuntu 12.04 LTS			April 26, 2012	April 28, 2017	April 30, 2019	90	577	669	83
3063	Ubuntu 11.10			Oct. 13, 2011	May 9, 2013		1	111	108	13
3064	Ubuntu 11.04			April 28, 2011	Oct. 28, 2012		1	56	56	8
3065	Ubuntu 10.10			Oct. 10, 2010	April 10, 2012		2	47	52	17
3066	Ubuntu 9.10			Oct. 29, 2009	April 30, 2011		5	56	56	16
3067	Ubuntu 9.04			April 23, 2009	Oct. 23, 2010		3	46	57	8
3068	Ubuntu 8.10			Oct. 30, 2008	April 30, 2010		2	49	47	6
3069	Ubuntu 8.04 LTS	8.04.4	Jan. 28, 2010	April 24, 2008	May 9, 2013		7	99	119	18
3070	Ubuntu 7.10			Oct. 18, 2007	April 18, 2009		3	48	37	5
3071	Ubuntu 7.04			April 19, 2007	Oct. 19, 2008		4	46	28	4
3072	Ubuntu 6.10			Oct. 26, 2006	April 26, 2008		2	33	32	4
3073	Ubuntu 5.10			Oct. 13, 2005	April 13, 2007		0	22	19	1
3074	Ubuntu 5.04			April 8, 2005	Oct. 31, 2006		0	14	13	2
3075	Ubuntu 4.10			Oct. 20, 2004	April 30, 2006		1	13	8	2

NVD Vulnerability Information

CRITICAL
HIGH
MEDIUM
LOW

No	CVSS3 CVSS2	Level Attach Vector	Title	CWE	CVE	cpe23Uri	Update date Published date	Show Affected	Exploit PoC Search
3041	- 7.5	HIGH	The HTMLSourceElement::BindToTree function in Mozilla Firefox before 37.0 does not properly constrain a data type after omitting namespace validation during certain tree-binding operations, which all…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2015-0804	cpe:2.3:o:canonical:ubuntu_linux:14.10:* cpe:2.3:o:canonical:ubuntu_linux:14.04:* cpe:2.3:o:canonical:ubuntu_linu…	2024-11-21 11:23 2015-04-1	Show	GitHub Exploit DB Packet Storm

3042	- 7.5	HIGH	The HTMLSourceElement::AfterSetAttr function in Mozilla Firefox before 37.0 does not properly constrain the original data type of a casted value during the setting of a SOURCE element's attributes, w…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2015-0803	cpe:2.3:o:canonical:ubuntu_linux:14.10:* cpe:2.3:o:canonical:ubuntu_linux:14.04:* cpe:2.3:o:canonical:ubuntu_linu…	2024-11-21 11:23 2015-04-1	Show	GitHub Exploit DB Packet Storm

3043	- 5.0	MEDIUM	Mozilla Firefox before 37.0 relies on docshell type information instead of page principal information for Window.webidl access control, which might allow remote attackers to execute arbitrary JavaScr…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2015-0802	cpe:2.3:o:canonical:ubuntu_linux:14.10:* cpe:2.3:o:canonical:ubuntu_linux:14.04:* cpe:2.3:o:canonical:ubuntu_linu…	2024-11-21 11:23 2015-04-1	Show	GitHub Exploit DB Packet Storm

3044	- 5.0	MEDIUM	The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to cond…	CWE-327 Use of a Broken or Risky Cryptographic Algorithm	CVE-2015-2808	cpe:2.3:o:canonical:ubuntu_linux:15.04:* cpe:2.3:o:canonical:ubuntu_linux:14.04:* cpe:2.3:o:canonical:ubuntu_linu…	2024-11-21 11:28 2015-04-1	Show	GitHub Exploit DB Packet Storm

3045	- 6.8	MEDIUM	Integer overflow in the regcomp implementation in the Henry Spencer BSD regex library (aka rxspencer) alpha3.8.g5 on 32-bit platforms, as used in NetBSD through 6.1.5 and other products, might allow …	CWE-190 Integer Overflow or Wraparound	CVE-2015-2305	cpe:2.3:o:canonical:ubuntu_linux:15.04:* cpe:2.3:o:canonical:ubuntu_linux:14.10:* cpe:2.3:o:canonical:ubuntu_linu…	2024-11-21 11:27 2015-03-30	Show	GitHub Exploit DB Packet Storm

3046	- 7.5	HIGH	Use-after-free vulnerability in the phar_rename_archive function in phar_object.c in PHP before 5.5.22 and 5.6.x before 5.6.6 allows remote attackers to cause a denial of service or possibly have uns…	CWE-416 Use After Free	CVE-2015-2301	cpe:2.3:o:canonical:ubuntu_linux:14.10:* cpe:2.3:o:canonical:ubuntu_linux:14.04:* cpe:2.3:o:canonical:ubuntu_linu…	2024-11-21 11:27 2015-03-30	Show	GitHub Exploit DB Packet Storm

3047	- 5.0	MEDIUM	The GetCode_ function in gd_gif_in.c in GD 2.1.1 and earlier, as used in PHP before 5.5.21 and 5.6.x before 5.6.5, allows remote attackers to cause a denial of service (buffer over-read and applicati…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2014-9709	cpe:2.3:o:canonical:ubuntu_linux:16.04:* cpe:2.3:o:canonical:ubuntu_linux:15.10:* cpe:2.3:o:canonical:ubuntu_linu…	2024-11-21 11:21 2015-03-30	Show	GitHub Exploit DB Packet Storm

3048	- 5.0	MEDIUM	DB_LOOKUP in nss_files/files-XXX.c in the Name Service Switch (NSS) in GNU C Library (aka glibc or libc6) 2.21 and earlier does not properly check if a file is open, which allows remote attackers to …	CWE-17 Code	CVE-2014-8121	cpe:2.3:o:canonical:ubuntu_linux:15.10:* cpe:2.3:o:canonical:ubuntu_linux:14.04:* cpe:2.3:o:canonical:ubuntu_linu…	2024-11-21 11:18 2015-03-27	Show	GitHub Exploit DB Packet Storm

3049	- 4.3	MEDIUM	The utils.http.is_safe_url function in Django before 1.4.20, 1.5.x, 1.6.x before 1.6.11, 1.7.x before 1.7.7, and 1.8.x before 1.8c1 does not properly validate URLs, which allows remote attackers to c…	CWE-79 Cross-site Scripting	CVE-2015-2317	cpe:2.3:o:canonical:ubuntu_linux:14.10:* cpe:2.3:o:canonical:ubuntu_linux:14.04:* cpe:2.3:o:canonical:ubuntu_linu…	2024-11-21 11:27 2015-03-25	Show	GitHub Exploit DB Packet Storm

3050	- 5.0	MEDIUM	The utils.html.strip_tags function in Django 1.6.x before 1.6.11, 1.7.x before 1.7.7, and 1.8.x before 1.8c1, when using certain versions of Python, allows remote attackers to cause a denial of servi…	CWE-399 Resource Management Errors	CVE-2015-2316	cpe:2.3:o:canonical:ubuntu_linux:14.10:* cpe:2.3:o:canonical:ubuntu_linux:14.04:* cpe:2.3:o:canonical:ubuntu_linu…	2024-11-21 11:27 2015-03-25	Show	GitHub Exploit DB Packet Storm