Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Ubuntu Number Of NVD 4093 CRITICAL 341 HIGH 1595 MEDIUM 1941 LOW 216
URL https://ubuntu.com/
Explanation A release without LTS is a normal release and provides support for 9 months after it is released.
LTS (Long Term Support) provides support for five years.
After the end of LTS, we also offer a service that provides extended support (about 5 years) for a fee.
Tag
  • Linux
Add Information URL
No Type Name URL
1 https://ubuntu.com/about/release-cycle
2 https://wiki.ubuntu.com/
3 https://wiki.ubuntu.com/Releases
4 https://ubuntu.com/licensing
5 https://ubuntu.com/security/notices
List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support		 Extended
for a fee		 Critical High Medium Low
341 Ubuntu 24 24.04.3 Aug. 7, 2025 April 25, 2024 0 0 1 0
342 Ubuntu 23.04 23.04 April 24, 2023 April 24, 2023 April 30, 2024 1 5 2 0
343 Ubuntu 22.04 LTS 22.04.5 Sept. 12, 2024 April 21, 2022 April 30, 2027 April 30, 2032 1 25 11 0
344 Ubuntu 21.10 21.10 Oct. 14, 2021 Oct. 14, 2021 June 14, 2022 June 14, 2022 1 18 19 0
345 Ubuntu 21.04 21.04 April 22, 2021 April 22, 2021 Jan. 30, 2022 0 12 11 0
346 Ubuntu 20.10 20.10 Oct. 22, 2020 Oct. 22, 2020 July 30, 2021 0 5 13 1
347 Ubuntu 20.04 LTS 20.04.6 March 23, 2023 April 23, 2020 April 30, 2025 April 30, 2030 21 144 239 32
348 Ubuntu 19.10 Oct. 17, 2019 July 30, 2020 32 133 227 44
349 Ubuntu 19.04 April 18, 2019 Jan. 30, 2020 45 126 184 23
350 Ubuntu 18.10 Oct. 18, 2018 July 31, 2019 66 174 182 5
351 Ubuntu 18.04 LTS 18.04.6 Sept. 17, 2021 April 26, 2018 April 30, 2023 April 30, 2028 202 645 891 80
352 Ubuntu 17.10 Oct. 18, 2017 July 19, 2018 4 18 14 0
353 Ubuntu 17.04 April 13, 2017 July 20, 2017 4 18 14 0
354 Ubuntu 16.10 Oct. 13, 2016 July 28, 2016 6 24 8 0
355 Ubuntu 16.04 LTS 16.04.7 Aug. 13, 2020 April 21, 2016 April 30, 2021 April 30, 2024 239 852 1060 83
356 Ubuntu 15.10 Oct. 22, 2015 Feb. 4, 2016 20 148 162 24
357 Ubuntu 15.04 April 23, 2015 July 23, 2015 5 100 130 29
358 Ubuntu 14.10 Oct. 23, 2014 July 14, 2014 0 3 1 0
359 Ubuntu 14.04 LTS 14.04.6 March 7, 2019 April 17, 2014 April 30, 2019 April 30, 2022 216 844 1015 82
360 Ubuntu 13.10 Oct. 17, 2013 July 14, 2014 15 56 68 15
361 Ubuntu 13.04 April 25, 2013 Jan. 27, 2014 6 16 60 9
362 Ubuntu 12.04 LTS April 26, 2012 April 28, 2017 April 30, 2019 90 577 669 83
363 Ubuntu 11.10 Oct. 13, 2011 May 9, 2013 1 111 108 13
364 Ubuntu 11.04 April 28, 2011 Oct. 28, 2012 1 56 56 8
365 Ubuntu 10.10 Oct. 10, 2010 April 10, 2012 2 47 52 17
366 Ubuntu 9.10 Oct. 29, 2009 April 30, 2011 5 56 56 16
367 Ubuntu 9.04 April 23, 2009 Oct. 23, 2010 3 46 57 8
368 Ubuntu 8.10 Oct. 30, 2008 April 30, 2010 2 49 47 6
369 Ubuntu 8.04 LTS 8.04.4 Jan. 28, 2010 April 24, 2008 May 9, 2013 7 99 119 18
370 Ubuntu 7.10 Oct. 18, 2007 April 18, 2009 3 48 37 5
371 Ubuntu 7.04 April 19, 2007 Oct. 19, 2008 4 46 28 4
372 Ubuntu 6.10 Oct. 26, 2006 April 26, 2008 2 33 32 4
373 Ubuntu 5.10 Oct. 13, 2005 April 13, 2007 0 22 19 1
374 Ubuntu 5.04 April 8, 2005 Oct. 31, 2006 0 14 13 2
375 Ubuntu 4.10 Oct. 20, 2004 April 30, 2006 1 13 8 2
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2		 Level
Attach Vector		 Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date		 Show Affected Exploit
PoC
Search
341 5.5
4.9 		MEDIUM
Local 		An issue was discovered in dbus >= 1.3.0 before 1.12.18. The DBusServer in libdbus, as used in dbus-daemon, leaks file descriptors when a message exceeds the per-message file descriptor limit. A loca… CWE-404
 Improper Resource Shutdown or Release 		CVE-2020-12049 cpe:2.3:o:canonical:ubuntu_linux:20.04:*
cpe:2.3:o:canonical:ubuntu_linux:19.10:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 13:59
2020-06-9 		Show GitHub Exploit DB Packet Storm
342 5.5
4.3 		MEDIUM
Local 		FFmpeg 2.8 and 4.2.3 has a use-after-free via a crafted EXTINF duration in an m3u8 file because parse_playlist in libavformat/hls.c frees a pointer, and later that pointer is accessed in av_probe_inp… CWE-416
 Use After Free 		CVE-2020-13904 cpe:2.3:o:canonical:ubuntu_linux:20.04:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 14:02
2020-06-8 		Show GitHub Exploit DB Packet Storm
343 7.5
4.3 		HIGH
Network 		In support.c in pam_tacplus 1.3.8 through 1.5.1, the TACACS+ shared secret gets logged via syslog if the DEBUG loglevel and journald are used. CWE-532
 Inclusion of Sensitive Information in Log Files 		CVE-2020-13881 cpe:2.3:o:canonical:ubuntu_linux:20.04:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 14:02
2020-06-7 		Show GitHub Exploit DB Packet Storm
344 6.0
4.9 		MEDIUM
Local 		ati-vga in hw/display/ati.c in QEMU 4.2.0 allows guest OS users to trigger infinite recursion via a crafted mm_index value during an ati_mm_read or ati_mm_write call. CWE-674
 Uncontrolled Recursion 		CVE-2020-13800 cpe:2.3:o:canonical:ubuntu_linux:20.04:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 14:01
2020-06-5 		Show GitHub Exploit DB Packet Storm
345 5.6
6.8 		MEDIUM
Network 		rom_copy() in hw/core/loader.c in QEMU 4.0 and 4.1.0 does not validate the relationship between two addresses, which allows attackers to trigger an invalid memory copy operation. CWE-787
 Out-of-bounds Write 		CVE-2020-13765 cpe:2.3:o:canonical:ubuntu_linux:20.04:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 14:01
2020-06-5 		Show GitHub Exploit DB Packet Storm
346 7.4
5.8 		HIGH
Network 		GnuTLS 3.6.x before 3.6.14 uses incorrect cryptography for encrypting a session ticket (a loss of confidentiality in TLS 1.2, and an authentication bypass in TLS 1.3). The earliest affected version i… CWE-327
 Use of a Broken or Risky Cryptographic Algorithm 		CVE-2020-13777 cpe:2.3:o:canonical:ubuntu_linux:20.04:*
cpe:2.3:o:canonical:ubuntu_linux:19.10:* 		2024-11-21 14:01
2020-06-4 		Show GitHub Exploit DB Packet Storm
347 6.1
4.3 		MEDIUM
Network 		An issue was discovered in Django 2.2 before 2.2.13 and 3.0 before 3.0.7. Query parameters generated by the Django admin ForeignKeyRawIdWidget were not properly URL encoded, leading to a possibility … CWE-79
Cross-site Scripting 		CVE-2020-13596 cpe:2.3:o:canonical:ubuntu_linux:20.04:*
cpe:2.3:o:canonical:ubuntu_linux:19.10:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 14:01
2020-06-3 		Show GitHub Exploit DB Packet Storm
348 5.9
4.3 		MEDIUM
Network 		An issue was discovered in Django 2.2 before 2.2.13 and 3.0 before 3.0.7. In cases where a memcached backend does not perform key validation, passing malformed cache keys could result in a key collis… CWE-295
Improper Certificate Validation  		CVE-2020-13254 cpe:2.3:o:canonical:ubuntu_linux:20.04:*
cpe:2.3:o:canonical:ubuntu_linux:19.10:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 14:00
2020-06-3 		Show GitHub Exploit DB Packet Storm
349 5.5
2.1 		MEDIUM
Local 		An issue was discovered in the Linux kernel before 5.0.6. In rx_queue_add_kobject() and netdev_queue_add_kobject() in net/core/net-sysfs.c, a reference count is mishandled, aka CID-a3e23f719f5c. NVD-CWE-Other
CVE-2019-20811 cpe:2.3:o:canonical:ubuntu_linux:16.04:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:* 		2024-11-21 13:39
2020-06-3 		Show GitHub Exploit DB Packet Storm
350 5.5
4.9 		MEDIUM
Local 		go7007_snd_init in drivers/media/usb/go7007/snd-go7007.c in the Linux kernel before 5.6 does not call snd_card_free for a failure path, which causes a memory leak, aka CID-9453264ef586. CWE-401
 Missing Release of Memory after Effective Lifetime 		CVE-2019-20810 cpe:2.3:o:canonical:ubuntu_linux:20.04:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 13:39
2020-06-3 		Show GitHub Exploit DB Packet Storm