Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Ubuntu Number Of NVD 4093 CRITICAL 341 HIGH 1595 MEDIUM 1941 LOW 216
URL https://ubuntu.com/
Explanation A release without LTS is a normal release and provides support for 9 months after it is released.
LTS (Long Term Support) provides support for five years.
After the end of LTS, we also offer a service that provides extended support (about 5 years) for a fee.
Tag
  • Linux
Add Information URL
No Type Name URL
1 https://ubuntu.com/about/release-cycle
2 https://wiki.ubuntu.com/
3 https://wiki.ubuntu.com/Releases
4 https://ubuntu.com/licensing
5 https://ubuntu.com/security/notices
List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support		 Extended
for a fee		 Critical High Medium Low
421 Ubuntu 24 24.04.3 Aug. 7, 2025 April 25, 2024 0 0 1 0
422 Ubuntu 23.04 23.04 April 24, 2023 April 24, 2023 April 30, 2024 1 5 2 0
423 Ubuntu 22.04 LTS 22.04.5 Sept. 12, 2024 April 21, 2022 April 30, 2027 April 30, 2032 1 25 11 0
424 Ubuntu 21.10 21.10 Oct. 14, 2021 Oct. 14, 2021 June 14, 2022 June 14, 2022 1 18 19 0
425 Ubuntu 21.04 21.04 April 22, 2021 April 22, 2021 Jan. 30, 2022 0 12 11 0
426 Ubuntu 20.10 20.10 Oct. 22, 2020 Oct. 22, 2020 July 30, 2021 0 5 13 1
427 Ubuntu 20.04 LTS 20.04.6 March 23, 2023 April 23, 2020 April 30, 2025 April 30, 2030 21 144 239 32
428 Ubuntu 19.10 Oct. 17, 2019 July 30, 2020 32 133 227 44
429 Ubuntu 19.04 April 18, 2019 Jan. 30, 2020 45 126 184 23
430 Ubuntu 18.10 Oct. 18, 2018 July 31, 2019 66 174 182 5
431 Ubuntu 18.04 LTS 18.04.6 Sept. 17, 2021 April 26, 2018 April 30, 2023 April 30, 2028 202 645 891 80
432 Ubuntu 17.10 Oct. 18, 2017 July 19, 2018 4 18 14 0
433 Ubuntu 17.04 April 13, 2017 July 20, 2017 4 18 14 0
434 Ubuntu 16.10 Oct. 13, 2016 July 28, 2016 6 24 8 0
435 Ubuntu 16.04 LTS 16.04.7 Aug. 13, 2020 April 21, 2016 April 30, 2021 April 30, 2024 239 852 1060 83
436 Ubuntu 15.10 Oct. 22, 2015 Feb. 4, 2016 20 148 162 24
437 Ubuntu 15.04 April 23, 2015 July 23, 2015 5 100 130 29
438 Ubuntu 14.10 Oct. 23, 2014 July 14, 2014 0 3 1 0
439 Ubuntu 14.04 LTS 14.04.6 March 7, 2019 April 17, 2014 April 30, 2019 April 30, 2022 216 844 1015 82
440 Ubuntu 13.10 Oct. 17, 2013 July 14, 2014 15 56 68 15
441 Ubuntu 13.04 April 25, 2013 Jan. 27, 2014 6 16 60 9
442 Ubuntu 12.04 LTS April 26, 2012 April 28, 2017 April 30, 2019 90 577 669 83
443 Ubuntu 11.10 Oct. 13, 2011 May 9, 2013 1 111 108 13
444 Ubuntu 11.04 April 28, 2011 Oct. 28, 2012 1 56 56 8
445 Ubuntu 10.10 Oct. 10, 2010 April 10, 2012 2 47 52 17
446 Ubuntu 9.10 Oct. 29, 2009 April 30, 2011 5 56 56 16
447 Ubuntu 9.04 April 23, 2009 Oct. 23, 2010 3 46 57 8
448 Ubuntu 8.10 Oct. 30, 2008 April 30, 2010 2 49 47 6
449 Ubuntu 8.04 LTS 8.04.4 Jan. 28, 2010 April 24, 2008 May 9, 2013 7 99 119 18
450 Ubuntu 7.10 Oct. 18, 2007 April 18, 2009 3 48 37 5
451 Ubuntu 7.04 April 19, 2007 Oct. 19, 2008 4 46 28 4
452 Ubuntu 6.10 Oct. 26, 2006 April 26, 2008 2 33 32 4
453 Ubuntu 5.10 Oct. 13, 2005 April 13, 2007 0 22 19 1
454 Ubuntu 5.04 April 8, 2005 Oct. 31, 2006 0 14 13 2
455 Ubuntu 4.10 Oct. 20, 2004 April 30, 2006 1 13 8 2
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2		 Level
Attach Vector		 Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date		 Show Affected Exploit
PoC
Search
421 8.8
6.5 		HIGH
Network 		An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. Any user authenticated within a limited scope (trust/oauth/application credential) can create an EC2 credential with an escala… CWE-269
 Improper Privilege Management 		CVE-2020-12689 cpe:2.3:o:canonical:ubuntu_linux:18.04:* 2024-11-21 14:00
2020-05-7 		Show GitHub Exploit DB Packet Storm
422 6.5
4.3 		MEDIUM
Network 		/options/mailman in GNU Mailman before 2.1.31 allows Arbitrary Content Injection. CWE-74
Injection 		CVE-2020-12108 cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:* 		2024-11-21 13:59
2020-05-7 		Show GitHub Exploit DB Packet Storm
423 5.5
2.1 		MEDIUM
Local 		gss_mech_free in net/sunrpc/auth_gss/gss_mech_switch.c in the rpcsec_gss_krb5 implementation in the Linux kernel through 5.6.10 lacks certain domain_release calls, leading to a memory leak. Note: Thi… CWE-401
 Missing Release of Memory after Effective Lifetime 		CVE-2020-12656 cpe:2.3:o:canonical:ubuntu_linux:20.04:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 14:00
2020-05-5 		Show GitHub Exploit DB Packet Storm
424 9.8
7.5 		CRITICAL
Network 		dom4j before 2.0.3 and 2.1.x before 2.1.3 allows external DTDs and External Entities by default, which might enable XXE attacks. However, there is popular external documentation from OWASP showing ho… CWE-611
XXE 		CVE-2020-10683 cpe:2.3:o:canonical:ubuntu_linux:16.04:* 2024-11-21 13:55
2020-05-2 		Show GitHub Exploit DB Packet Storm
425 6.5
4.0 		MEDIUM
Network 		An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs class allows access to some methods that improperly sanitize paths. These methods … CWE-22
Path Traversal 		CVE-2020-11652 cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:* 		2024-11-21 13:58
2020-05-1 		Show GitHub Exploit DB Packet Storm
426 9.8
7.5 		CRITICAL
Network 		An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs class does not properly validate method calls. This allows a remote user to access… NVD-CWE-Other
CVE-2020-11651 cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:* 		2024-11-21 13:58
2020-05-1 		Show GitHub Exploit DB Packet Storm
427 7.0
3.7 		HIGH
Local 		A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid user… - CVE-2020-1752 cpe:2.3:o:canonical:ubuntu_linux:19.10:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 14:11
2020-05-1 		Show GitHub Exploit DB Packet Storm
428 7.0
6.9 		HIGH
Local 		In the Linux kernel 4.19 through 5.6.7 on the s390 platform, code execution may occur because of a race condition, as demonstrated by code in enable_sacf_uaccess in arch/s390/lib/uaccess.c that fails… CWE-362
Race Condition 		CVE-2020-11884 cpe:2.3:o:canonical:ubuntu_linux:20.04:*
cpe:2.3:o:canonical:ubuntu_linux:19.10:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 13:58
2020-04-29 		Show GitHub Exploit DB Packet Storm
429 7.5
5.0 		HIGH
Network 		In filter.c in slapd in OpenLDAP before 2.4.50, LDAP search filters with nested boolean expressions can result in denial of service (daemon crash). CWE-674
 Uncontrolled Recursion 		CVE-2020-12243 cpe:2.3:o:canonical:ubuntu_linux:20.04:*
cpe:2.3:o:canonical:ubuntu_linux:19.10:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 13:59
2020-04-29 		Show GitHub Exploit DB Packet Storm
430 9.8
10.0 		CRITICAL
Network 		cbs_jpeg_split_fragment in libavcodec/cbs_jpeg.c in FFmpeg 4.1 and 4.2.2 has a heap-based buffer overflow during JPEG_MARKER_SOS handling because of a missing length check. CWE-787
 Out-of-bounds Write 		CVE-2020-12284 cpe:2.3:o:canonical:ubuntu_linux:20.04:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 13:59
2020-04-28 		Show GitHub Exploit DB Packet Storm