Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Ubuntu Number Of NVD 4093 CRITICAL 341 HIGH 1595 MEDIUM 1941 LOW 216
URL https://ubuntu.com/
Explanation A release without LTS is a normal release and provides support for 9 months after it is released.
LTS (Long Term Support) provides support for five years.
After the end of LTS, we also offer a service that provides extended support (about 5 years) for a fee.
Tag
  • Linux
Add Information URL
No Type Name URL
1 https://ubuntu.com/about/release-cycle
2 https://wiki.ubuntu.com/
3 https://wiki.ubuntu.com/Releases
4 https://ubuntu.com/licensing
5 https://ubuntu.com/security/notices
List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support		 Extended
for a fee		 Critical High Medium Low
3991 Ubuntu 24 24.04.3 Aug. 7, 2025 April 25, 2024 0 0 1 0
3992 Ubuntu 23.04 23.04 April 24, 2023 April 24, 2023 April 30, 2024 1 5 2 0
3993 Ubuntu 22.04 LTS 22.04.5 Sept. 12, 2024 April 21, 2022 April 30, 2027 April 30, 2032 1 25 11 0
3994 Ubuntu 21.10 21.10 Oct. 14, 2021 Oct. 14, 2021 June 14, 2022 June 14, 2022 1 18 19 0
3995 Ubuntu 21.04 21.04 April 22, 2021 April 22, 2021 Jan. 30, 2022 0 12 11 0
3996 Ubuntu 20.10 20.10 Oct. 22, 2020 Oct. 22, 2020 July 30, 2021 0 5 13 1
3997 Ubuntu 20.04 LTS 20.04.6 March 23, 2023 April 23, 2020 April 30, 2025 April 30, 2030 21 144 239 32
3998 Ubuntu 19.10 Oct. 17, 2019 July 30, 2020 32 133 227 44
3999 Ubuntu 19.04 April 18, 2019 Jan. 30, 2020 45 126 184 23
4000 Ubuntu 18.10 Oct. 18, 2018 July 31, 2019 66 174 182 5
4001 Ubuntu 18.04 LTS 18.04.6 Sept. 17, 2021 April 26, 2018 April 30, 2023 April 30, 2028 202 645 891 80
4002 Ubuntu 17.10 Oct. 18, 2017 July 19, 2018 4 18 14 0
4003 Ubuntu 17.04 April 13, 2017 July 20, 2017 4 18 14 0
4004 Ubuntu 16.10 Oct. 13, 2016 July 28, 2016 6 24 8 0
4005 Ubuntu 16.04 LTS 16.04.7 Aug. 13, 2020 April 21, 2016 April 30, 2021 April 30, 2024 239 852 1060 83
4006 Ubuntu 15.10 Oct. 22, 2015 Feb. 4, 2016 20 148 162 24
4007 Ubuntu 15.04 April 23, 2015 July 23, 2015 5 100 130 29
4008 Ubuntu 14.10 Oct. 23, 2014 July 14, 2014 0 3 1 0
4009 Ubuntu 14.04 LTS 14.04.6 March 7, 2019 April 17, 2014 April 30, 2019 April 30, 2022 216 844 1015 82
4010 Ubuntu 13.10 Oct. 17, 2013 July 14, 2014 15 56 68 15
4011 Ubuntu 13.04 April 25, 2013 Jan. 27, 2014 6 16 60 9
4012 Ubuntu 12.04 LTS April 26, 2012 April 28, 2017 April 30, 2019 90 577 669 83
4013 Ubuntu 11.10 Oct. 13, 2011 May 9, 2013 1 111 108 13
4014 Ubuntu 11.04 April 28, 2011 Oct. 28, 2012 1 56 56 8
4015 Ubuntu 10.10 Oct. 10, 2010 April 10, 2012 2 47 52 17
4016 Ubuntu 9.10 Oct. 29, 2009 April 30, 2011 5 56 56 16
4017 Ubuntu 9.04 April 23, 2009 Oct. 23, 2010 3 46 57 8
4018 Ubuntu 8.10 Oct. 30, 2008 April 30, 2010 2 49 47 6
4019 Ubuntu 8.04 LTS 8.04.4 Jan. 28, 2010 April 24, 2008 May 9, 2013 7 99 119 18
4020 Ubuntu 7.10 Oct. 18, 2007 April 18, 2009 3 48 37 5
4021 Ubuntu 7.04 April 19, 2007 Oct. 19, 2008 4 46 28 4
4022 Ubuntu 6.10 Oct. 26, 2006 April 26, 2008 2 33 32 4
4023 Ubuntu 5.10 Oct. 13, 2005 April 13, 2007 0 22 19 1
4024 Ubuntu 5.04 April 8, 2005 Oct. 31, 2006 0 14 13 2
4025 Ubuntu 4.10 Oct. 20, 2004 April 30, 2006 1 13 8 2
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2		 Level
Attach Vector		 Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date		 Show Affected Exploit
PoC
Search
3991 -
9.3 		HIGH Python 2.5.2 and earlier allows context-dependent attackers to execute arbitrary code via multiple vectors that cause a negative size value to be provided to the PyString_FromStringAndSize function, … CWE-120
Classic Buffer Overflow 		CVE-2008-1887 cpe:2.3:o:canonical:ubuntu_linux:8.04:*
cpe:2.3:o:canonical:ubuntu_linux:7.10:*
cpe:2.3:o:canonical:ubuntu_linux:… 		2026-04-23 09:35
2008-04-19 		Show GitHub Exploit DB Packet Storm
3992 -
7.5 		HIGH Integer signedness error in the zlib extension module in Python 2.5.2 and earlier allows remote attackers to execute arbitrary code via a negative signed integer, which triggers insufficient memory a… CWE-681
 Incorrect Conversion between Numeric Types 		CVE-2008-1721 cpe:2.3:o:canonical:ubuntu_linux:8.04:*
cpe:2.3:o:canonical:ubuntu_linux:7.10:*
cpe:2.3:o:canonical:ubuntu_linux:… 		2026-04-23 09:35
2008-04-11 		Show GitHub Exploit DB Packet Storm
3993 9.8
9.3 		CRITICAL
Network 		KDC in MIT Kerberos 5 (krb5kdc) does not set a global variable for some krb4 message types, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via … CWE-665
 Improper Initialization 		CVE-2008-0062 cpe:2.3:o:canonical:ubuntu_linux:7.10:*
cpe:2.3:o:canonical:ubuntu_linux:7.04:*
cpe:2.3:o:canonical:ubuntu_linux:… 		2026-04-23 09:35
2008-03-19 		Show GitHub Exploit DB Packet Storm
3994 7.5
4.3 		HIGH
Network 		The Kerberos 4 support in KDC in MIT Kerberos 5 (krb5kdc) does not properly clear the unused portion of a buffer when generating an error message, which might allow remote attackers to obtain sensiti… CWE-908
 Use of Uninitialized Resource 		CVE-2008-0063 cpe:2.3:o:canonical:ubuntu_linux:7.10:*
cpe:2.3:o:canonical:ubuntu_linux:7.04:*
cpe:2.3:o:canonical:ubuntu_linux:… 		2026-04-23 09:35
2008-03-19 		Show GitHub Exploit DB Packet Storm
3995 -
9.3 		HIGH Unspecified vulnerability in Sun JDK and Java Runtime Environment (JRE) 6 Update 4 and earlier and 5.0 Update 14 and earlier; and SDK and JRE 1.4.2_16 and earlier; allows remote attackers to access a… CWE-254
 7PK - Security Features 		CVE-2008-1195 cpe:2.3:o:canonical:ubuntu_linux:7.10:*
cpe:2.3:o:canonical:ubuntu_linux:7.04:*
cpe:2.3:o:canonical:ubuntu_linux:… 		2026-04-23 09:35
2008-03-7 		Show GitHub Exploit DB Packet Storm
3996 -
9.3 		HIGH The XInput extension in X.Org Xserver before 1.4.1 allows context-dependent attackers to execute arbitrary code via requests related to byte swapping and heap corruption within multiple functions, a … CWE-787
 Out-of-bounds Write 		CVE-2007-6427 cpe:2.3:o:canonical:ubuntu_linux:7.10:*
cpe:2.3:o:canonical:ubuntu_linux:7.04:*
cpe:2.3:o:canonical:ubuntu_linux:… 		2026-04-23 09:35
2008-01-19 		Show GitHub Exploit DB Packet Storm
3997 -
4.3 		MEDIUM Cross-site request forgery (CSRF) vulnerability in the balancer-manager in mod_proxy_balancer for Apache HTTP Server 2.2.x allows remote attackers to gain privileges via unspecified vectors. CWE-352
 Origin Validation Error 		CVE-2007-6420 cpe:2.3:o:canonical:ubuntu_linux:8.04:*
cpe:2.3:o:canonical:ubuntu_linux:7.10:*
cpe:2.3:o:canonical:ubuntu_linux:… 		2026-04-23 09:35
2008-01-12 		Show GitHub Exploit DB Packet Storm
3998 -
4.3 		MEDIUM mod_proxy_ftp in Apache 2.2.x before 2.2.7-dev, 2.0.x before 2.0.62-dev, and 1.3.x before 1.3.40-dev does not define a charset, which allows remote attackers to conduct cross-site scripting (XSS) att… CWE-79
Cross-site Scripting 		CVE-2008-0005 cpe:2.3:o:canonical:ubuntu_linux:7.10:*
cpe:2.3:o:canonical:ubuntu_linux:7.04:*
cpe:2.3:o:canonical:ubuntu_linux:… 		2026-04-23 09:35
2008-01-12 		Show GitHub Exploit DB Packet Storm
3999 -
7.5 		HIGH Multiple buffer overflows in yaSSL 1.7.5 and earlier, as used in MySQL and possibly other products, allow remote attackers to execute arbitrary code via (1) the ProcessOldClientHello function in hand… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2008-0226 cpe:2.3:o:canonical:ubuntu_linux:7.10:*
cpe:2.3:o:canonical:ubuntu_linux:7.04:*
cpe:2.3:o:canonical:ubuntu_linux:… 		2026-04-23 09:35
2008-01-11 		Show GitHub Exploit DB Packet Storm
4000 -
4.0 		MEDIUM The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows context-dependent attackers to cause a … CWE-399
 Resource Management Errors 		CVE-2007-4772 cpe:2.3:o:canonical:ubuntu_linux:7.10:*
cpe:2.3:o:canonical:ubuntu_linux:7.04:*
cpe:2.3:o:canonical:ubuntu_linux:… 		2026-04-23 09:35
2008-01-10 		Show GitHub Exploit DB Packet Storm