Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Ubuntu Number Of NVD 4093 CRITICAL 341 HIGH 1595 MEDIUM 1941 LOW 216
URL https://ubuntu.com/
Explanation A release without LTS is a normal release and provides support for 9 months after it is released.
LTS (Long Term Support) provides support for five years.
After the end of LTS, we also offer a service that provides extended support (about 5 years) for a fee.
Tag
  • Linux
Add Information URL
No Type Name URL
1 https://ubuntu.com/about/release-cycle
2 https://wiki.ubuntu.com/
3 https://wiki.ubuntu.com/Releases
4 https://ubuntu.com/licensing
5 https://ubuntu.com/security/notices
List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support		 Extended
for a fee		 Critical High Medium Low
431 Ubuntu 24 24.04.3 Aug. 7, 2025 April 25, 2024 0 0 1 0
432 Ubuntu 23.04 23.04 April 24, 2023 April 24, 2023 April 30, 2024 1 5 2 0
433 Ubuntu 22.04 LTS 22.04.5 Sept. 12, 2024 April 21, 2022 April 30, 2027 April 30, 2032 1 25 11 0
434 Ubuntu 21.10 21.10 Oct. 14, 2021 Oct. 14, 2021 June 14, 2022 June 14, 2022 1 18 19 0
435 Ubuntu 21.04 21.04 April 22, 2021 April 22, 2021 Jan. 30, 2022 0 12 11 0
436 Ubuntu 20.10 20.10 Oct. 22, 2020 Oct. 22, 2020 July 30, 2021 0 5 13 1
437 Ubuntu 20.04 LTS 20.04.6 March 23, 2023 April 23, 2020 April 30, 2025 April 30, 2030 21 144 239 32
438 Ubuntu 19.10 Oct. 17, 2019 July 30, 2020 32 133 227 44
439 Ubuntu 19.04 April 18, 2019 Jan. 30, 2020 45 126 184 23
440 Ubuntu 18.10 Oct. 18, 2018 July 31, 2019 66 174 182 5
441 Ubuntu 18.04 LTS 18.04.6 Sept. 17, 2021 April 26, 2018 April 30, 2023 April 30, 2028 202 645 891 80
442 Ubuntu 17.10 Oct. 18, 2017 July 19, 2018 4 18 14 0
443 Ubuntu 17.04 April 13, 2017 July 20, 2017 4 18 14 0
444 Ubuntu 16.10 Oct. 13, 2016 July 28, 2016 6 24 8 0
445 Ubuntu 16.04 LTS 16.04.7 Aug. 13, 2020 April 21, 2016 April 30, 2021 April 30, 2024 239 852 1060 83
446 Ubuntu 15.10 Oct. 22, 2015 Feb. 4, 2016 20 148 162 24
447 Ubuntu 15.04 April 23, 2015 July 23, 2015 5 100 130 29
448 Ubuntu 14.10 Oct. 23, 2014 July 14, 2014 0 3 1 0
449 Ubuntu 14.04 LTS 14.04.6 March 7, 2019 April 17, 2014 April 30, 2019 April 30, 2022 216 844 1015 82
450 Ubuntu 13.10 Oct. 17, 2013 July 14, 2014 15 56 68 15
451 Ubuntu 13.04 April 25, 2013 Jan. 27, 2014 6 16 60 9
452 Ubuntu 12.04 LTS April 26, 2012 April 28, 2017 April 30, 2019 90 577 669 83
453 Ubuntu 11.10 Oct. 13, 2011 May 9, 2013 1 111 108 13
454 Ubuntu 11.04 April 28, 2011 Oct. 28, 2012 1 56 56 8
455 Ubuntu 10.10 Oct. 10, 2010 April 10, 2012 2 47 52 17
456 Ubuntu 9.10 Oct. 29, 2009 April 30, 2011 5 56 56 16
457 Ubuntu 9.04 April 23, 2009 Oct. 23, 2010 3 46 57 8
458 Ubuntu 8.10 Oct. 30, 2008 April 30, 2010 2 49 47 6
459 Ubuntu 8.04 LTS 8.04.4 Jan. 28, 2010 April 24, 2008 May 9, 2013 7 99 119 18
460 Ubuntu 7.10 Oct. 18, 2007 April 18, 2009 3 48 37 5
461 Ubuntu 7.04 April 19, 2007 Oct. 19, 2008 4 46 28 4
462 Ubuntu 6.10 Oct. 26, 2006 April 26, 2008 2 33 32 4
463 Ubuntu 5.10 Oct. 13, 2005 April 13, 2007 0 22 19 1
464 Ubuntu 5.04 April 8, 2005 Oct. 31, 2006 0 14 13 2
465 Ubuntu 4.10 Oct. 20, 2004 April 30, 2006 1 13 8 2
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2		 Level
Attach Vector		 Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date		 Show Affected Exploit
PoC
Search
431 3.3
2.1 		LOW
Local 		Apport reads and writes information on a crashed process to /proc/pid with elevated privileges. Apport then determines which user the crashed process belongs to by reading /proc/pid through get_pid_i… CWE-269
 Improper Privilege Management 		CVE-2019-15790 cpe:2.3:o:canonical:ubuntu_linux:19.10:*
cpe:2.3:o:canonical:ubuntu_linux:19.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 13:29
2020-04-28 		Show GitHub Exploit DB Packet Storm
432 6.1
4.3 		MEDIUM
Network 		GNU Mailman 2.x before 2.1.30 uses the .obj extension for scrubbed application/octet-stream MIME parts. This behavior may contribute to XSS attacks against list-archive visitors, because an HTTP repl… CWE-79
Cross-site Scripting 		CVE-2020-12137 cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:* 		2024-11-21 13:59
2020-04-24 		Show GitHub Exploit DB Packet Storm
433 7.8
4.6 		HIGH
Local 		In shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, shiftfs_btrfs_ioctl_fd_replace() installs an fd referencing a file from the lower filesystem wit… CWE-191
 Integer Underflow (Wrap or Wraparound) 		CVE-2019-15791 cpe:2.3:o:canonical:ubuntu_linux:19.04:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:* 		2024-11-21 13:29
2020-04-24 		Show GitHub Exploit DB Packet Storm
434 6.7
7.2 		MEDIUM
Local 		Overlayfs in the Linux kernel and shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, both replace vma->vm_file in their mmap handlers. On error the or… CWE-672
 Operation on a Resource after Expiration or Release 		CVE-2019-15794 cpe:2.3:o:canonical:ubuntu_linux:19.10:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:* 		2024-11-21 13:29
2020-04-24 		Show GitHub Exploit DB Packet Storm
435 8.8
4.6 		HIGH
Local 		In shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, several locations which shift ids translate user/group ids before performing operations in the l… CWE-276
Incorrect Default Permissions  		CVE-2019-15793 cpe:2.3:o:canonical:ubuntu_linux:19.04:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:* 		2024-11-21 13:29
2020-04-24 		Show GitHub Exploit DB Packet Storm
436 7.8
4.6 		HIGH
Local 		In shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, shiftfs_btrfs_ioctl_fd_replace() calls fdget(oldfd), then without further checks passes the resu… CWE-843
Type Confusion 		CVE-2019-15792 cpe:2.3:o:canonical:ubuntu_linux:19.04:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:* 		2024-11-21 13:29
2020-04-24 		Show GitHub Exploit DB Packet Storm
437 9.8
7.5 		CRITICAL
Network 		libvncclient/cursor.c in LibVNCServer through 0.9.12 has a HandleCursorShape integer overflow and heap-based buffer overflow via a large height or width value. NOTE: this may overlap CVE-2019-15690. CWE-787
CWE-190
 Out-of-bounds Write
 Integer Overflow or Wraparound 		CVE-2019-20788 cpe:2.3:o:canonical:ubuntu_linux:18.10:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 13:39
2020-04-24 		Show GitHub Exploit DB Packet Storm
438 6.1
4.3 		MEDIUM
Network 		A flaw was found in the Ceph Object Gateway, where it supports request sent by an anonymous user in Amazon S3. This flaw could lead to potential XSS attacks due to the lack of proper neutralization o… CWE-79
Cross-site Scripting 		CVE-2020-1760 cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:* 		2024-11-21 14:11
2020-04-24 		Show GitHub Exploit DB Packet Storm
439 9.8
7.5 		CRITICAL
Network 		An issue was discovered in Squid before 5.0.2. A remote attacker can replay a sniffed Digest Authentication nonce to gain access to resources that are otherwise forbidden. This occurs because the att… CWE-190
 Integer Overflow or Wraparound 		CVE-2020-11945 cpe:2.3:o:canonical:ubuntu_linux:20.04:*
cpe:2.3:o:canonical:ubuntu_linux:19.10:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 13:58
2020-04-24 		Show GitHub Exploit DB Packet Storm
440 4.7
1.9 		MEDIUM
Local 		Time-of-check Time-of-use Race Condition vulnerability on crash report ownership change in Apport allows for a possible privilege escalation opportunity. If fs.protected_symlinks is disabled, this ca… CWE-367
 Time-of-check Time-of-use (TOCTOU) Race Condition 		CVE-2020-8833 cpe:2.3:o:canonical:ubuntu_linux:19.10:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 14:39
2020-04-23 		Show GitHub Exploit DB Packet Storm