Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Ubuntu Number Of NVD 4093 CRITICAL 341 HIGH 1595 MEDIUM 1941 LOW 216
URL https://ubuntu.com/
Explanation A release without LTS is a normal release and provides support for 9 months after it is released.
LTS (Long Term Support) provides support for five years.
After the end of LTS, we also offer a service that provides extended support (about 5 years) for a fee.
Tag
  • Linux
Add Information URL
No Type Name URL
1 https://ubuntu.com/about/release-cycle
2 https://wiki.ubuntu.com/
3 https://wiki.ubuntu.com/Releases
4 https://ubuntu.com/licensing
5 https://ubuntu.com/security/notices
List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support		 Extended
for a fee		 Critical High Medium Low
531 Ubuntu 24 24.04.3 Aug. 7, 2025 April 25, 2024 0 0 1 0
532 Ubuntu 23.04 23.04 April 24, 2023 April 24, 2023 April 30, 2024 1 5 2 0
533 Ubuntu 22.04 LTS 22.04.5 Sept. 12, 2024 April 21, 2022 April 30, 2027 April 30, 2032 1 25 11 0
534 Ubuntu 21.10 21.10 Oct. 14, 2021 Oct. 14, 2021 June 14, 2022 June 14, 2022 1 18 19 0
535 Ubuntu 21.04 21.04 April 22, 2021 April 22, 2021 Jan. 30, 2022 0 12 11 0
536 Ubuntu 20.10 20.10 Oct. 22, 2020 Oct. 22, 2020 July 30, 2021 0 5 13 1
537 Ubuntu 20.04 LTS 20.04.6 March 23, 2023 April 23, 2020 April 30, 2025 April 30, 2030 21 144 239 32
538 Ubuntu 19.10 Oct. 17, 2019 July 30, 2020 32 133 227 44
539 Ubuntu 19.04 April 18, 2019 Jan. 30, 2020 45 126 184 23
540 Ubuntu 18.10 Oct. 18, 2018 July 31, 2019 66 174 182 5
541 Ubuntu 18.04 LTS 18.04.6 Sept. 17, 2021 April 26, 2018 April 30, 2023 April 30, 2028 202 645 891 80
542 Ubuntu 17.10 Oct. 18, 2017 July 19, 2018 4 18 14 0
543 Ubuntu 17.04 April 13, 2017 July 20, 2017 4 18 14 0
544 Ubuntu 16.10 Oct. 13, 2016 July 28, 2016 6 24 8 0
545 Ubuntu 16.04 LTS 16.04.7 Aug. 13, 2020 April 21, 2016 April 30, 2021 April 30, 2024 239 852 1060 83
546 Ubuntu 15.10 Oct. 22, 2015 Feb. 4, 2016 20 148 162 24
547 Ubuntu 15.04 April 23, 2015 July 23, 2015 5 100 130 29
548 Ubuntu 14.10 Oct. 23, 2014 July 14, 2014 0 3 1 0
549 Ubuntu 14.04 LTS 14.04.6 March 7, 2019 April 17, 2014 April 30, 2019 April 30, 2022 216 844 1015 82
550 Ubuntu 13.10 Oct. 17, 2013 July 14, 2014 15 56 68 15
551 Ubuntu 13.04 April 25, 2013 Jan. 27, 2014 6 16 60 9
552 Ubuntu 12.04 LTS April 26, 2012 April 28, 2017 April 30, 2019 90 577 669 83
553 Ubuntu 11.10 Oct. 13, 2011 May 9, 2013 1 111 108 13
554 Ubuntu 11.04 April 28, 2011 Oct. 28, 2012 1 56 56 8
555 Ubuntu 10.10 Oct. 10, 2010 April 10, 2012 2 47 52 17
556 Ubuntu 9.10 Oct. 29, 2009 April 30, 2011 5 56 56 16
557 Ubuntu 9.04 April 23, 2009 Oct. 23, 2010 3 46 57 8
558 Ubuntu 8.10 Oct. 30, 2008 April 30, 2010 2 49 47 6
559 Ubuntu 8.04 LTS 8.04.4 Jan. 28, 2010 April 24, 2008 May 9, 2013 7 99 119 18
560 Ubuntu 7.10 Oct. 18, 2007 April 18, 2009 3 48 37 5
561 Ubuntu 7.04 April 19, 2007 Oct. 19, 2008 4 46 28 4
562 Ubuntu 6.10 Oct. 26, 2006 April 26, 2008 2 33 32 4
563 Ubuntu 5.10 Oct. 13, 2005 April 13, 2007 0 22 19 1
564 Ubuntu 5.04 April 8, 2005 Oct. 31, 2006 0 14 13 2
565 Ubuntu 4.10 Oct. 20, 2004 April 30, 2006 1 13 8 2
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2		 Level
Attach Vector		 Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date		 Show Affected Exploit
PoC
Search
531 3.5
2.7 		LOW
Adjacent 		QEMU 4.1.0 has a memory leak in zrle_compress_data in ui/vnc-enc-zrle.c during a VNC disconnect operation because libz is misused, resulting in a situation where memory allocated in deflateInit2 is n… CWE-401
 Missing Release of Memory after Effective Lifetime 		CVE-2019-20382 cpe:2.3:o:canonical:ubuntu_linux:20.04:*
cpe:2.3:o:canonical:ubuntu_linux:19.10:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 13:38
2020-03-6 		Show GitHub Exploit DB Packet Storm
532 7.0
6.9 		HIGH
Local 		init_tmp in TeeJee.FileSystem.vala in Timeshift before 20.03 unsafely reuses a preexisting temporary directory in the predictable location /tmp/timeshift. It follows symlinks in this location or uses… CWE-362
CWE-59
Race Condition
Link Following 		CVE-2020-10174 cpe:2.3:o:canonical:ubuntu_linux:19.10:* 2024-11-21 13:54
2020-03-6 		Show GitHub Exploit DB Packet Storm
533 8.8
6.5 		HIGH
Network 		Django 1.11 before 1.11.29, 2.2 before 2.2.11, and 3.0 before 3.0.4 allows SQL Injection if untrusted data is used as a tolerance parameter in GIS functions and aggregates on Oracle. By passing a sui… CWE-89
SQL Injection 		CVE-2020-9402 cpe:2.3:o:canonical:ubuntu_linux:19.10:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 14:40
2020-03-6 		Show GitHub Exploit DB Packet Storm
534 5.5
2.1 		MEDIUM
Local 		The GNU C Library (aka glibc or libc6) before 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-bit long double function contains a non-canonical bit pattern, a seen … CWE-787
 Out-of-bounds Write 		CVE-2020-10029 cpe:2.3:o:canonical:ubuntu_linux:19.10:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 13:54
2020-03-5 		Show GitHub Exploit DB Packet Storm
535 9.8
7.5 		CRITICAL
Network 		WebKitGTK through 2.26.4 and WPE WebKit through 2.26.4 (which are the versions right before 2.28.0) contains a memory corruption issue (use-after-free) that may lead to arbitrary code execution. This… CWE-416
 Use After Free 		CVE-2020-10018 cpe:2.3:o:canonical:ubuntu_linux:19.10:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:* 		2024-11-21 13:54
2020-03-3 		Show GitHub Exploit DB Packet Storm
536 8.8
6.8 		HIGH
Network 		Mozilla developers reported memory safety bugs present in Firefox 72. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been expl… CWE-787
 Out-of-bounds Write 		CVE-2020-6801 cpe:2.3:o:canonical:ubuntu_linux:16.04:* 2024-11-21 14:36
2020-03-2 		Show GitHub Exploit DB Packet Storm
537 4.3
4.3 		MEDIUM
Network 		When deriving an identifier for an email message, uninitialized memory was used in addition to the message contents. This vulnerability affects Thunderbird < 68.5. CWE-908
CWE-909
 Use of Uninitialized Resource
 Missing Initialization of Resource 		CVE-2020-6792 cpe:2.3:o:canonical:ubuntu_linux:19.10:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 14:36
2020-03-2 		Show GitHub Exploit DB Packet Storm
538 8.8
6.8 		HIGH
Network 		Incorrect alias information in IonMonkey JIT compiler for setting array elements could lead to a type confusion. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability aff… CWE-843
Type Confusion 		CVE-2019-17026 cpe:2.3:o:canonical:ubuntu_linux:16.04:* 2024-11-21 13:31
2020-03-2 		Show GitHub Exploit DB Packet Storm
539 8.8
6.8 		HIGH
Network 		Mozilla developers and community members reported memory safety bugs present in Firefox 72 and Firefox ESR 68.4. Some of these bugs showed evidence of memory corruption and we presume that with enoug… CWE-787
 Out-of-bounds Write 		CVE-2020-6800 cpe:2.3:o:canonical:ubuntu_linux:19.10:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 14:36
2020-03-2 		Show GitHub Exploit DB Packet Storm
540 6.5
4.3 		MEDIUM
Network 		If a user saved passwords before Thunderbird 60 and then later set a master password, an unencrypted copy of these passwords is still accessible. This is because the older stored password file was no… CWE-312
CWE-459
CWE-522
 Cleartext Storage of Sensitive Information
 Incomplete Cleanup
 Insufficiently Protected Credentials 		CVE-2020-6794 cpe:2.3:o:canonical:ubuntu_linux:19.10:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 14:36
2020-03-2 		Show GitHub Exploit DB Packet Storm