Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Ubuntu Number Of NVD 4093 CRITICAL 341 HIGH 1595 MEDIUM 1941 LOW 216
URL https://ubuntu.com/
Explanation A release without LTS is a normal release and provides support for 9 months after it is released.
LTS (Long Term Support) provides support for five years.
After the end of LTS, we also offer a service that provides extended support (about 5 years) for a fee.
Tag
  • Linux
Add Information URL
No Type Name URL
1 https://ubuntu.com/about/release-cycle
2 https://wiki.ubuntu.com/
3 https://wiki.ubuntu.com/Releases
4 https://ubuntu.com/licensing
5 https://ubuntu.com/security/notices
List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support		 Extended
for a fee		 Critical High Medium Low
521 Ubuntu 24 24.04.3 Aug. 7, 2025 April 25, 2024 0 0 1 0
522 Ubuntu 23.04 23.04 April 24, 2023 April 24, 2023 April 30, 2024 1 5 2 0
523 Ubuntu 22.04 LTS 22.04.5 Sept. 12, 2024 April 21, 2022 April 30, 2027 April 30, 2032 1 25 11 0
524 Ubuntu 21.10 21.10 Oct. 14, 2021 Oct. 14, 2021 June 14, 2022 June 14, 2022 1 18 19 0
525 Ubuntu 21.04 21.04 April 22, 2021 April 22, 2021 Jan. 30, 2022 0 12 11 0
526 Ubuntu 20.10 20.10 Oct. 22, 2020 Oct. 22, 2020 July 30, 2021 0 5 13 1
527 Ubuntu 20.04 LTS 20.04.6 March 23, 2023 April 23, 2020 April 30, 2025 April 30, 2030 21 144 239 32
528 Ubuntu 19.10 Oct. 17, 2019 July 30, 2020 32 133 227 44
529 Ubuntu 19.04 April 18, 2019 Jan. 30, 2020 45 126 184 23
530 Ubuntu 18.10 Oct. 18, 2018 July 31, 2019 66 174 182 5
531 Ubuntu 18.04 LTS 18.04.6 Sept. 17, 2021 April 26, 2018 April 30, 2023 April 30, 2028 202 645 891 80
532 Ubuntu 17.10 Oct. 18, 2017 July 19, 2018 4 18 14 0
533 Ubuntu 17.04 April 13, 2017 July 20, 2017 4 18 14 0
534 Ubuntu 16.10 Oct. 13, 2016 July 28, 2016 6 24 8 0
535 Ubuntu 16.04 LTS 16.04.7 Aug. 13, 2020 April 21, 2016 April 30, 2021 April 30, 2024 239 852 1060 83
536 Ubuntu 15.10 Oct. 22, 2015 Feb. 4, 2016 20 148 162 24
537 Ubuntu 15.04 April 23, 2015 July 23, 2015 5 100 130 29
538 Ubuntu 14.10 Oct. 23, 2014 July 14, 2014 0 3 1 0
539 Ubuntu 14.04 LTS 14.04.6 March 7, 2019 April 17, 2014 April 30, 2019 April 30, 2022 216 844 1015 82
540 Ubuntu 13.10 Oct. 17, 2013 July 14, 2014 15 56 68 15
541 Ubuntu 13.04 April 25, 2013 Jan. 27, 2014 6 16 60 9
542 Ubuntu 12.04 LTS April 26, 2012 April 28, 2017 April 30, 2019 90 577 669 83
543 Ubuntu 11.10 Oct. 13, 2011 May 9, 2013 1 111 108 13
544 Ubuntu 11.04 April 28, 2011 Oct. 28, 2012 1 56 56 8
545 Ubuntu 10.10 Oct. 10, 2010 April 10, 2012 2 47 52 17
546 Ubuntu 9.10 Oct. 29, 2009 April 30, 2011 5 56 56 16
547 Ubuntu 9.04 April 23, 2009 Oct. 23, 2010 3 46 57 8
548 Ubuntu 8.10 Oct. 30, 2008 April 30, 2010 2 49 47 6
549 Ubuntu 8.04 LTS 8.04.4 Jan. 28, 2010 April 24, 2008 May 9, 2013 7 99 119 18
550 Ubuntu 7.10 Oct. 18, 2007 April 18, 2009 3 48 37 5
551 Ubuntu 7.04 April 19, 2007 Oct. 19, 2008 4 46 28 4
552 Ubuntu 6.10 Oct. 26, 2006 April 26, 2008 2 33 32 4
553 Ubuntu 5.10 Oct. 13, 2005 April 13, 2007 0 22 19 1
554 Ubuntu 5.04 April 8, 2005 Oct. 31, 2006 0 14 13 2
555 Ubuntu 4.10 Oct. 20, 2004 April 30, 2006 1 13 8 2
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2		 Level
Attach Vector		 Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date		 Show Affected Exploit
PoC
Search
521 5.3
5.4 		MEDIUM
Local 		In the Linux kernel before 5.5.8, get_raw_socket in drivers/vhost/net.c lacks validation of an sk_family field, which might allow attackers to trigger kernel stack corruption via crafted system calls. CWE-787
 Out-of-bounds Write 		CVE-2020-10942 cpe:2.3:o:canonical:ubuntu_linux:19.10:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 13:56
2020-03-25 		Show GitHub Exploit DB Packet Storm
522 5.5
4.3 		MEDIUM
Local 		A carefully crafted or corrupt PSD file can cause an infinite loop in Apache Tika's PSDParser in versions 1.0-1.23. CWE-835
 Loop with Unreachable Exit Condition ('Infinite Loop') 		CVE-2020-1951 cpe:2.3:o:canonical:ubuntu_linux:16.04:* 2024-11-21 14:11
2020-03-23 		Show GitHub Exploit DB Packet Storm
523 5.5
4.3 		MEDIUM
Local 		A carefully crafted or corrupt PSD file can cause excessive memory usage in Apache Tika's PSDParser in versions 1.0-1.23. CWE-400
 Uncontrolled Resource Consumption 		CVE-2020-1950 cpe:2.3:o:canonical:ubuntu_linux:16.04:* 2024-11-21 14:11
2020-03-23 		Show GitHub Exploit DB Packet Storm
524 6.1
4.3 		MEDIUM
Network 		Squid before 4.9, when certain web browsers are used, mishandles HTML in the host (aka hostname) parameter to cachemgr.cgi. CWE-74
Injection 		CVE-2019-18860 cpe:2.3:o:canonical:ubuntu_linux:20.04:*
cpe:2.3:o:canonical:ubuntu_linux:19.10:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 13:33
2020-03-21 		Show GitHub Exploit DB Packet Storm
525 7.5
5.0 		HIGH
Network 		A flaw was found in the way certificate signatures could be forged using collisions found in the SHA-1 algorithm. An attacker could use this weakness to create forged certificate signatures. This iss… CWE-326
Inadequate Encryption Strength 		CVE-2019-14855 cpe:2.3:o:canonical:ubuntu_linux:18.04:* 2024-11-21 13:27
2020-03-21 		Show GitHub Exploit DB Packet Storm
526 7.1
5.8 		HIGH
Adjacent 		Improper access control in subsystem for BlueZ before version 5.54 may allow an unauthenticated user to potentially enable escalation of privilege and denial of service via adjacent access NVD-CWE-noinfo
CVE-2020-0556 cpe:2.3:o:canonical:ubuntu_linux:19.10:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 13:53
2020-03-13 		Show GitHub Exploit DB Packet Storm
527 8.8
6.8 		HIGH
Network 		An issue was discovered in International Components for Unicode (ICU) for C/C++ through 66.1. An integer overflow, leading to a heap-based buffer overflow, exists in the UnicodeString::doAppend() fun… CWE-787
CWE-190
 Out-of-bounds Write
 Integer Overflow or Wraparound 		CVE-2020-10531 cpe:2.3:o:canonical:ubuntu_linux:19.10:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 13:55
2020-03-13 		Show GitHub Exploit DB Packet Storm
528 9.8
7.5 		CRITICAL
Network 		In Twisted Web through 19.10.0, there was an HTTP request splitting vulnerability. When presented with a content-length and a chunked encoding header, the content-length took precedence and the remai… CWE-444
HTTP Request Smuggling 		CVE-2020-10109 cpe:2.3:o:canonical:ubuntu_linux:19.10:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 13:54
2020-03-12 		Show GitHub Exploit DB Packet Storm
529 9.8
7.5 		CRITICAL
Network 		In Twisted Web through 19.10.0, there was an HTTP request splitting vulnerability. When presented with two content-length headers, it ignored the first header. When the second content-length value wa… CWE-444
HTTP Request Smuggling 		CVE-2020-10108 cpe:2.3:o:canonical:ubuntu_linux:19.10:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 13:54
2020-03-12 		Show GitHub Exploit DB Packet Storm
530 6.5
4.3 		MEDIUM
Network 		usrsctp before 2019-12-20 has out-of-bounds reads in sctp_load_addresses_from_init. CWE-125
Out-of-bounds Read 		CVE-2019-20503 cpe:2.3:o:canonical:ubuntu_linux:19.10:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 13:38
2020-03-7 		Show GitHub Exploit DB Packet Storm