Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Ubuntu Number Of NVD 4093 CRITICAL 341 HIGH 1595 MEDIUM 1941 LOW 216
URL https://ubuntu.com/
Explanation A release without LTS is a normal release and provides support for 9 months after it is released.
LTS (Long Term Support) provides support for five years.
After the end of LTS, we also offer a service that provides extended support (about 5 years) for a fee.
Tag
  • Linux
Add Information URL
No Type Name URL
1 https://ubuntu.com/about/release-cycle
2 https://wiki.ubuntu.com/
3 https://wiki.ubuntu.com/Releases
4 https://ubuntu.com/licensing
5 https://ubuntu.com/security/notices
List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support		 Extended
for a fee		 Critical High Medium Low
3891 Ubuntu 24 24.04.3 Aug. 7, 2025 April 25, 2024 0 0 1 0
3892 Ubuntu 23.04 23.04 April 24, 2023 April 24, 2023 April 30, 2024 1 5 2 0
3893 Ubuntu 22.04 LTS 22.04.5 Sept. 12, 2024 April 21, 2022 April 30, 2027 April 30, 2032 1 25 11 0
3894 Ubuntu 21.10 21.10 Oct. 14, 2021 Oct. 14, 2021 June 14, 2022 June 14, 2022 1 18 19 0
3895 Ubuntu 21.04 21.04 April 22, 2021 April 22, 2021 Jan. 30, 2022 0 12 11 0
3896 Ubuntu 20.10 20.10 Oct. 22, 2020 Oct. 22, 2020 July 30, 2021 0 5 13 1
3897 Ubuntu 20.04 LTS 20.04.6 March 23, 2023 April 23, 2020 April 30, 2025 April 30, 2030 21 144 239 32
3898 Ubuntu 19.10 Oct. 17, 2019 July 30, 2020 32 133 227 44
3899 Ubuntu 19.04 April 18, 2019 Jan. 30, 2020 45 126 184 23
3900 Ubuntu 18.10 Oct. 18, 2018 July 31, 2019 66 174 182 5
3901 Ubuntu 18.04 LTS 18.04.6 Sept. 17, 2021 April 26, 2018 April 30, 2023 April 30, 2028 202 645 891 80
3902 Ubuntu 17.10 Oct. 18, 2017 July 19, 2018 4 18 14 0
3903 Ubuntu 17.04 April 13, 2017 July 20, 2017 4 18 14 0
3904 Ubuntu 16.10 Oct. 13, 2016 July 28, 2016 6 24 8 0
3905 Ubuntu 16.04 LTS 16.04.7 Aug. 13, 2020 April 21, 2016 April 30, 2021 April 30, 2024 239 852 1060 83
3906 Ubuntu 15.10 Oct. 22, 2015 Feb. 4, 2016 20 148 162 24
3907 Ubuntu 15.04 April 23, 2015 July 23, 2015 5 100 130 29
3908 Ubuntu 14.10 Oct. 23, 2014 July 14, 2014 0 3 1 0
3909 Ubuntu 14.04 LTS 14.04.6 March 7, 2019 April 17, 2014 April 30, 2019 April 30, 2022 216 844 1015 82
3910 Ubuntu 13.10 Oct. 17, 2013 July 14, 2014 15 56 68 15
3911 Ubuntu 13.04 April 25, 2013 Jan. 27, 2014 6 16 60 9
3912 Ubuntu 12.04 LTS April 26, 2012 April 28, 2017 April 30, 2019 90 577 669 83
3913 Ubuntu 11.10 Oct. 13, 2011 May 9, 2013 1 111 108 13
3914 Ubuntu 11.04 April 28, 2011 Oct. 28, 2012 1 56 56 8
3915 Ubuntu 10.10 Oct. 10, 2010 April 10, 2012 2 47 52 17
3916 Ubuntu 9.10 Oct. 29, 2009 April 30, 2011 5 56 56 16
3917 Ubuntu 9.04 April 23, 2009 Oct. 23, 2010 3 46 57 8
3918 Ubuntu 8.10 Oct. 30, 2008 April 30, 2010 2 49 47 6
3919 Ubuntu 8.04 LTS 8.04.4 Jan. 28, 2010 April 24, 2008 May 9, 2013 7 99 119 18
3920 Ubuntu 7.10 Oct. 18, 2007 April 18, 2009 3 48 37 5
3921 Ubuntu 7.04 April 19, 2007 Oct. 19, 2008 4 46 28 4
3922 Ubuntu 6.10 Oct. 26, 2006 April 26, 2008 2 33 32 4
3923 Ubuntu 5.10 Oct. 13, 2005 April 13, 2007 0 22 19 1
3924 Ubuntu 5.04 April 8, 2005 Oct. 31, 2006 0 14 13 2
3925 Ubuntu 4.10 Oct. 20, 2004 April 30, 2006 1 13 8 2
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2		 Level
Attach Vector		 Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date		 Show Affected Exploit
PoC
Search
3891 -
5.8 		MEDIUM neon before 0.28.6, when OpenSSL or GnuTLS is used, does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the… CWE-326
Inadequate Encryption Strength 		CVE-2009-2474 cpe:2.3:o:canonical:ubuntu_linux:9.04:*
cpe:2.3:o:canonical:ubuntu_linux:8.10:*
cpe:2.3:o:canonical:ubuntu_linux:… 		2026-04-23 09:35
2009-08-22 		Show GitHub Exploit DB Packet Storm
3892 -
5.9 		MEDIUM The execve function in the Linux kernel, possibly 2.6.30-rc6 and earlier, does not properly clear the current->clear_child_tid pointer, which allows local users to cause a denial of service (memory c… CWE-269
 Improper Privilege Management 		CVE-2009-2848 cpe:2.3:o:canonical:ubuntu_linux:9.04:*
cpe:2.3:o:canonical:ubuntu_linux:8.10:*
cpe:2.3:o:canonical:ubuntu_linux:… 		2026-04-23 09:35
2009-08-19 		Show GitHub Exploit DB Packet Storm
3893 6.5
4.3 		MEDIUM
Network 		Multiple use-after-free vulnerabilities in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17, allow context-dependent attackers to cause a denial of service (application crash) vi… CWE-416
 Use After Free 		CVE-2009-2416 cpe:2.3:o:canonical:ubuntu_linux:9.04:*
cpe:2.3:o:canonical:ubuntu_linux:8.10:*
cpe:2.3:o:canonical:ubuntu_linux:… 		2026-04-23 09:35
2009-08-12 		Show GitHub Exploit DB Packet Storm
3894 -
5.0 		MEDIUM XMLScanner.java in Apache Xerces2 Java, as used in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15 and JDK and JRE 5.0 before Update 20, and in other products, allows remote atta… NVD-CWE-Other
CVE-2009-2625 cpe:2.3:o:canonical:ubuntu_linux:9.10:*
cpe:2.3:o:canonical:ubuntu_linux:9.04:*
cpe:2.3:o:canonical:ubuntu_linux:… 		2026-04-23 09:35
2009-08-7 		Show GitHub Exploit DB Packet Storm
3895 -
6.8 		MEDIUM The decompression implementation in the Imf::hufUncompress function in OpenEXR 1.2.2 and 1.6.1 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute … CWE-824
 Access of Uninitialized Pointer 		CVE-2009-1721 cpe:2.3:o:canonical:ubuntu_linux:9.04:*
cpe:2.3:o:canonical:ubuntu_linux:8.10:*
cpe:2.3:o:canonical:ubuntu_linux:… 		2026-04-23 09:35
2009-08-1 		Show GitHub Exploit DB Packet Storm
3896 5.9
6.8 		MEDIUM
Network 		Mozilla Network Security Services (NSS) before 3.12.3, Firefox before 3.0.13, Thunderbird before 2.0.0.23, and SeaMonkey before 1.1.18 do not properly handle a '\0' character in a domain name in the … CWE-295
Improper Certificate Validation  		CVE-2009-2408 cpe:2.3:o:canonical:ubuntu_linux:9.04:*
cpe:2.3:o:canonical:ubuntu_linux:8.10:*
cpe:2.3:o:canonical:ubuntu_linux:… 		2026-04-23 09:35
2009-07-31 		Show GitHub Exploit DB Packet Storm
3897 -
7.2 		HIGH The personality subsystem in the Linux kernel before 2.6.31-rc3 has a PER_CLEAR_ON_SETID setting that does not clear the ADDR_COMPAT_LAYOUT and MMAP_PAGE_ZERO flags when executing a setuid or setgid … CWE-16
Configuration 		CVE-2009-1895 cpe:2.3:o:canonical:ubuntu_linux:9.04:*
cpe:2.3:o:canonical:ubuntu_linux:8.10:*
cpe:2.3:o:canonical:ubuntu_linux:… 		2026-04-23 09:35
2009-07-17 		Show GitHub Exploit DB Packet Storm
3898 -
7.1 		HIGH The mod_deflate module in Apache httpd 2.2.11 and earlier compresses large files until completion even after the associated network connection is closed, which allows remote attackers to cause a deni… CWE-400
 Uncontrolled Resource Consumption 		CVE-2009-1891 cpe:2.3:o:canonical:ubuntu_linux:9.04:*
cpe:2.3:o:canonical:ubuntu_linux:8.10:*
cpe:2.3:o:canonical:ubuntu_linux:… 		2026-04-23 09:35
2009-07-11 		Show GitHub Exploit DB Packet Storm
3899 -
7.1 		HIGH The stream_reqbody_cl function in mod_proxy_http.c in the mod_proxy module in the Apache HTTP Server before 2.3.3, when a reverse proxy is configured, does not properly handle an amount of streamed d… CWE-400
 Uncontrolled Resource Consumption 		CVE-2009-1890 cpe:2.3:o:canonical:ubuntu_linux:9.04:*
cpe:2.3:o:canonical:ubuntu_linux:8.10:*
cpe:2.3:o:canonical:ubuntu_linux:… 		2026-04-23 09:35
2009-07-6 		Show GitHub Exploit DB Packet Storm
3900 -
4.9 		MEDIUM The kvm_arch_vcpu_ioctl_set_sregs function in the KVM in Linux kernel 2.6 before 2.6.30, when running on x86 systems, does not validate the page table root in a KVM_SET_SREGS call, which allows local… CWE-476
 NULL Pointer Dereference 		CVE-2009-2287 cpe:2.3:o:canonical:ubuntu_linux:9.04:*
cpe:2.3:o:canonical:ubuntu_linux:8.10:*
cpe:2.3:o:canonical:ubuntu_linux:… 		2026-04-23 09:35
2009-07-1 		Show GitHub Exploit DB Packet Storm