Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Ubuntu Number Of NVD 4093 CRITICAL 341 HIGH 1595 MEDIUM 1941 LOW 216
URL https://ubuntu.com/
Explanation A release without LTS is a normal release and provides support for 9 months after it is released.
LTS (Long Term Support) provides support for five years.
After the end of LTS, we also offer a service that provides extended support (about 5 years) for a fee.
Tag
  • Linux
Add Information URL
No Type Name URL
1 https://ubuntu.com/about/release-cycle
2 https://wiki.ubuntu.com/
3 https://wiki.ubuntu.com/Releases
4 https://ubuntu.com/licensing
5 https://ubuntu.com/security/notices
List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support		 Extended
for a fee		 Critical High Medium Low
351 Ubuntu 24 24.04.3 Aug. 7, 2025 April 25, 2024 0 0 1 0
352 Ubuntu 23.04 23.04 April 24, 2023 April 24, 2023 April 30, 2024 1 5 2 0
353 Ubuntu 22.04 LTS 22.04.5 Sept. 12, 2024 April 21, 2022 April 30, 2027 April 30, 2032 1 25 11 0
354 Ubuntu 21.10 21.10 Oct. 14, 2021 Oct. 14, 2021 June 14, 2022 June 14, 2022 1 18 19 0
355 Ubuntu 21.04 21.04 April 22, 2021 April 22, 2021 Jan. 30, 2022 0 12 11 0
356 Ubuntu 20.10 20.10 Oct. 22, 2020 Oct. 22, 2020 July 30, 2021 0 5 13 1
357 Ubuntu 20.04 LTS 20.04.6 March 23, 2023 April 23, 2020 April 30, 2025 April 30, 2030 21 144 239 32
358 Ubuntu 19.10 Oct. 17, 2019 July 30, 2020 32 133 227 44
359 Ubuntu 19.04 April 18, 2019 Jan. 30, 2020 45 126 184 23
360 Ubuntu 18.10 Oct. 18, 2018 July 31, 2019 66 174 182 5
361 Ubuntu 18.04 LTS 18.04.6 Sept. 17, 2021 April 26, 2018 April 30, 2023 April 30, 2028 202 645 891 80
362 Ubuntu 17.10 Oct. 18, 2017 July 19, 2018 4 18 14 0
363 Ubuntu 17.04 April 13, 2017 July 20, 2017 4 18 14 0
364 Ubuntu 16.10 Oct. 13, 2016 July 28, 2016 6 24 8 0
365 Ubuntu 16.04 LTS 16.04.7 Aug. 13, 2020 April 21, 2016 April 30, 2021 April 30, 2024 239 852 1060 83
366 Ubuntu 15.10 Oct. 22, 2015 Feb. 4, 2016 20 148 162 24
367 Ubuntu 15.04 April 23, 2015 July 23, 2015 5 100 130 29
368 Ubuntu 14.10 Oct. 23, 2014 July 14, 2014 0 3 1 0
369 Ubuntu 14.04 LTS 14.04.6 March 7, 2019 April 17, 2014 April 30, 2019 April 30, 2022 216 844 1015 82
370 Ubuntu 13.10 Oct. 17, 2013 July 14, 2014 15 56 68 15
371 Ubuntu 13.04 April 25, 2013 Jan. 27, 2014 6 16 60 9
372 Ubuntu 12.04 LTS April 26, 2012 April 28, 2017 April 30, 2019 90 577 669 83
373 Ubuntu 11.10 Oct. 13, 2011 May 9, 2013 1 111 108 13
374 Ubuntu 11.04 April 28, 2011 Oct. 28, 2012 1 56 56 8
375 Ubuntu 10.10 Oct. 10, 2010 April 10, 2012 2 47 52 17
376 Ubuntu 9.10 Oct. 29, 2009 April 30, 2011 5 56 56 16
377 Ubuntu 9.04 April 23, 2009 Oct. 23, 2010 3 46 57 8
378 Ubuntu 8.10 Oct. 30, 2008 April 30, 2010 2 49 47 6
379 Ubuntu 8.04 LTS 8.04.4 Jan. 28, 2010 April 24, 2008 May 9, 2013 7 99 119 18
380 Ubuntu 7.10 Oct. 18, 2007 April 18, 2009 3 48 37 5
381 Ubuntu 7.04 April 19, 2007 Oct. 19, 2008 4 46 28 4
382 Ubuntu 6.10 Oct. 26, 2006 April 26, 2008 2 33 32 4
383 Ubuntu 5.10 Oct. 13, 2005 April 13, 2007 0 22 19 1
384 Ubuntu 5.04 April 8, 2005 Oct. 31, 2006 0 14 13 2
385 Ubuntu 4.10 Oct. 20, 2004 April 30, 2006 1 13 8 2
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2		 Level
Attach Vector		 Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date		 Show Affected Exploit
PoC
Search
351 7.5
5.0 		HIGH
Network 		websocket-extensions ruby module prior to 0.1.5 allows Denial of Service (DoS) via Regex Backtracking. The extension parser may take quadratic time when parsing a header containing an unclosed string… NVD-CWE-Other
CVE-2020-7663 cpe:2.3:o:canonical:ubuntu_linux:20.04:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 14:37
2020-06-3 		Show GitHub Exploit DB Packet Storm
352 6.7
4.6 		MEDIUM
Local 		hw/pci/msix.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access via a crafted address in an msi-x mmio operation. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2020-13754 cpe:2.3:o:canonical:ubuntu_linux:20.04:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 14:01
2020-06-2 		Show GitHub Exploit DB Packet Storm
353 2.5
1.9 		LOW
Local 		address_space_map in exec.c in QEMU 4.2.0 can trigger a NULL pointer dereference related to BounceBuffer. CWE-476
 NULL Pointer Dereference 		CVE-2020-13659 cpe:2.3:o:canonical:ubuntu_linux:20.04:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 14:01
2020-06-2 		Show GitHub Exploit DB Packet Storm
354 7.5
5.0 		HIGH
Network 		Python-RSA before 4.1 ignores leading '\0' bytes during decryption of ciphertext. This could conceivably have a security-relevant impact, e.g., by helping an attacker to infer that an application use… CWE-327
 Use of a Broken or Risky Cryptographic Algorithm 		CVE-2020-13757 cpe:2.3:o:canonical:ubuntu_linux:14.04:* 2024-11-21 14:01
2020-06-2 		Show GitHub Exploit DB Packet Storm
355 5.5
2.1 		MEDIUM
Local 		A NULL pointer dereference in sanei_epson_net_read in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to cause a denial of service, aka GHSL-20… CWE-476
 NULL Pointer Dereference 		CVE-2020-12867 cpe:2.3:o:canonical:ubuntu_linux:20.04:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 14:00
2020-06-1 		Show GitHub Exploit DB Packet Storm
356 3.2
2.1 		LOW
Local 		In QEMU 5.0.0 and earlier, megasas_lookup_frame in hw/scsi/megasas.c has an out-of-bounds read via a crafted reply_queue_head field from a guest OS user. CWE-125
Out-of-bounds Read 		CVE-2020-13362 cpe:2.3:o:canonical:ubuntu_linux:20.04:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 14:01
2020-05-29 		Show GitHub Exploit DB Packet Storm
357 3.9
3.3 		LOW
Local 		In QEMU 5.0.0 and earlier, es1370_transfer_audio in hw/audio/es1370.c does not properly validate the frame count, which allows guest OS users to trigger an out-of-bounds access during an es1370_write… CWE-787
 Out-of-bounds Write 		CVE-2020-13361 cpe:2.3:o:canonical:ubuntu_linux:20.04:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 14:01
2020-05-28 		Show GitHub Exploit DB Packet Storm
358 5.3
4.6 		MEDIUM
Local 		In Vim before 8.1.0881, users can circumvent the rvim restricted mode and execute arbitrary OS commands via scripting interfaces (e.g., Python, Ruby, or Lua). CWE-78
OS Command  		CVE-2019-20807 cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:* 		2024-11-21 13:39
2020-05-28 		Show GitHub Exploit DB Packet Storm
359 6.5
6.4 		MEDIUM
Network 		In GNOME glib-networking through 2.64.2, the implementation of GTlsClientConnection skips hostname verification of the server's TLS certificate if the application fails to specify the expected server… CWE-295
Improper Certificate Validation  		CVE-2020-13645 cpe:2.3:o:canonical:ubuntu_linux:20.04:*
cpe:2.3:o:canonical:ubuntu_linux:19.10:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 14:01
2020-05-28 		Show GitHub Exploit DB Packet Storm
360 7.8
7.2 		HIGH
Local 		Sympa before 6.2.56 allows privilege escalation. CWE-269
 Improper Privilege Management 		CVE-2020-10936 cpe:2.3:o:canonical:ubuntu_linux:14.04:* 2024-11-21 13:56
2020-05-28 		Show GitHub Exploit DB Packet Storm