Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Ubuntu Number Of NVD 4093 CRITICAL 341 HIGH 1595 MEDIUM 1941 LOW 216
URL https://ubuntu.com/
Explanation A release without LTS is a normal release and provides support for 9 months after it is released.
LTS (Long Term Support) provides support for five years.
After the end of LTS, we also offer a service that provides extended support (about 5 years) for a fee.
Tag
  • Linux
Add Information URL
No Type Name URL
1 https://ubuntu.com/about/release-cycle
2 https://wiki.ubuntu.com/
3 https://wiki.ubuntu.com/Releases
4 https://ubuntu.com/licensing
5 https://ubuntu.com/security/notices
List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support		 Extended
for a fee		 Critical High Medium Low
541 Ubuntu 24 24.04.3 Aug. 7, 2025 April 25, 2024 0 0 1 0
542 Ubuntu 23.04 23.04 April 24, 2023 April 24, 2023 April 30, 2024 1 5 2 0
543 Ubuntu 22.04 LTS 22.04.5 Sept. 12, 2024 April 21, 2022 April 30, 2027 April 30, 2032 1 25 11 0
544 Ubuntu 21.10 21.10 Oct. 14, 2021 Oct. 14, 2021 June 14, 2022 June 14, 2022 1 18 19 0
545 Ubuntu 21.04 21.04 April 22, 2021 April 22, 2021 Jan. 30, 2022 0 12 11 0
546 Ubuntu 20.10 20.10 Oct. 22, 2020 Oct. 22, 2020 July 30, 2021 0 5 13 1
547 Ubuntu 20.04 LTS 20.04.6 March 23, 2023 April 23, 2020 April 30, 2025 April 30, 2030 21 144 239 32
548 Ubuntu 19.10 Oct. 17, 2019 July 30, 2020 32 133 227 44
549 Ubuntu 19.04 April 18, 2019 Jan. 30, 2020 45 126 184 23
550 Ubuntu 18.10 Oct. 18, 2018 July 31, 2019 66 174 182 5
551 Ubuntu 18.04 LTS 18.04.6 Sept. 17, 2021 April 26, 2018 April 30, 2023 April 30, 2028 202 645 891 80
552 Ubuntu 17.10 Oct. 18, 2017 July 19, 2018 4 18 14 0
553 Ubuntu 17.04 April 13, 2017 July 20, 2017 4 18 14 0
554 Ubuntu 16.10 Oct. 13, 2016 July 28, 2016 6 24 8 0
555 Ubuntu 16.04 LTS 16.04.7 Aug. 13, 2020 April 21, 2016 April 30, 2021 April 30, 2024 239 852 1060 83
556 Ubuntu 15.10 Oct. 22, 2015 Feb. 4, 2016 20 148 162 24
557 Ubuntu 15.04 April 23, 2015 July 23, 2015 5 100 130 29
558 Ubuntu 14.10 Oct. 23, 2014 July 14, 2014 0 3 1 0
559 Ubuntu 14.04 LTS 14.04.6 March 7, 2019 April 17, 2014 April 30, 2019 April 30, 2022 216 844 1015 82
560 Ubuntu 13.10 Oct. 17, 2013 July 14, 2014 15 56 68 15
561 Ubuntu 13.04 April 25, 2013 Jan. 27, 2014 6 16 60 9
562 Ubuntu 12.04 LTS April 26, 2012 April 28, 2017 April 30, 2019 90 577 669 83
563 Ubuntu 11.10 Oct. 13, 2011 May 9, 2013 1 111 108 13
564 Ubuntu 11.04 April 28, 2011 Oct. 28, 2012 1 56 56 8
565 Ubuntu 10.10 Oct. 10, 2010 April 10, 2012 2 47 52 17
566 Ubuntu 9.10 Oct. 29, 2009 April 30, 2011 5 56 56 16
567 Ubuntu 9.04 April 23, 2009 Oct. 23, 2010 3 46 57 8
568 Ubuntu 8.10 Oct. 30, 2008 April 30, 2010 2 49 47 6
569 Ubuntu 8.04 LTS 8.04.4 Jan. 28, 2010 April 24, 2008 May 9, 2013 7 99 119 18
570 Ubuntu 7.10 Oct. 18, 2007 April 18, 2009 3 48 37 5
571 Ubuntu 7.04 April 19, 2007 Oct. 19, 2008 4 46 28 4
572 Ubuntu 6.10 Oct. 26, 2006 April 26, 2008 2 33 32 4
573 Ubuntu 5.10 Oct. 13, 2005 April 13, 2007 0 22 19 1
574 Ubuntu 5.04 April 8, 2005 Oct. 31, 2006 0 14 13 2
575 Ubuntu 4.10 Oct. 20, 2004 April 30, 2006 1 13 8 2
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2		 Level
Attach Vector		 Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date		 Show Affected Exploit
PoC
Search
541 7.5
4.3 		HIGH
Network 		In PHP versions 7.2.x below 7.2.28, 7.3.x below 7.3.15 and 7.4.x below 7.4.3, when using file upload functionality, if upload progress tracking is enabled, but session.upload_progress.cleanup is set … CWE-476
 NULL Pointer Dereference 		CVE-2020-7062 cpe:2.3:o:canonical:ubuntu_linux:19.10:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 14:36
2020-02-28 		Show GitHub Exploit DB Packet Storm
542 7.5
5.0 		HIGH
Network 		An issue was discovered in Pure-FTPd 1.0.49. An uninitialized pointer vulnerability has been detected in the diraliases linked list. When the *lookup_alias(const char alias) or print_aliases(void) fu… CWE-824
 Access of Uninitialized Pointer 		CVE-2020-9274 cpe:2.3:o:canonical:ubuntu_linux:16.04:* 2024-11-21 14:40
2020-02-27 		Show GitHub Exploit DB Packet Storm
543 9.8
10.0 		CRITICAL
Network 		OpenSMTPD before 6.6.4 allows remote code execution because of an out-of-bounds read in mta_io in mta_session.c for multi-line replies. Although this vulnerability affects the client side of OpenSMTP… CWE-125
Out-of-bounds Read 		CVE-2020-8794 cpe:2.3:o:canonical:ubuntu_linux:19.10:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:* 		2024-11-21 14:39
2020-02-26 		Show GitHub Exploit DB Packet Storm
544 4.7
4.7 		MEDIUM
Local 		OpenSMTPD before 6.6.4 allows local users to read arbitrary files (e.g., on some Linux distributions) because of a combination of an untrusted search path in makemap.c and race conditions in the offl… CWE-426
CWE-367
 Untrusted Search Path
 Time-of-check Time-of-use (TOCTOU) Race Condition 		CVE-2020-8793 cpe:2.3:o:canonical:ubuntu_linux:19.10:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:* 		2024-11-21 14:39
2020-02-26 		Show GitHub Exploit DB Packet Storm
545 7.1
3.6 		HIGH
Local 		An issue was discovered in the Linux kernel 3.16 through 5.5.6. set_fdc in drivers/block/floppy.c leads to a wait_til_ready out-of-bounds read because the FDC index is not checked for errors before a… CWE-125
Out-of-bounds Read 		CVE-2020-9383 cpe:2.3:o:canonical:ubuntu_linux:19.10:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 14:40
2020-02-26 		Show GitHub Exploit DB Packet Storm
546 4.8
5.8 		MEDIUM
Network 		In Apache Tomcat 9.0.0.M1 to 9.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0.99 the HTTP header parsing code used an approach to end-of-line parsing that allowed some invalid HTTP headers to be parsed as va… CWE-444
HTTP Request Smuggling 		CVE-2020-1935 cpe:2.3:o:canonical:ubuntu_linux:16.04:* 2024-11-21 14:11
2020-02-25 		Show GitHub Exploit DB Packet Storm
547 6.4
6.9 		MEDIUM
Local 		There is an OS command injection vulnerability in Ruby Rake < 12.3.3 in Rake::FileList when supplying a filename that begins with the pipe character `|`. CWE-78
OS Command  		CVE-2020-8130 cpe:2.3:o:canonical:ubuntu_linux:19.10:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 14:38
2020-02-25 		Show GitHub Exploit DB Packet Storm
548 7.5
5.0 		HIGH
Network 		add_password in pam_radius_auth.c in pam_radius 1.4.0 does not correctly check the length of the input password, and is vulnerable to a stack-based buffer overflow during memcpy(). An attacker could … CWE-787
 Out-of-bounds Write 		CVE-2015-9542 cpe:2.3:o:canonical:ubuntu_linux:19.10:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 11:40
2020-02-25 		Show GitHub Exploit DB Packet Storm
549 7.5
5.0 		HIGH
Network 		In SQLite 3.31.1, isAuxiliaryVtabOperator allows attackers to trigger a NULL pointer dereference and segmentation fault because of generated column optimizations. CWE-476
 NULL Pointer Dereference 		CVE-2020-9327 cpe:2.3:o:canonical:ubuntu_linux:19.10:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 14:40
2020-02-22 		Show GitHub Exploit DB Packet Storm
550 5.5
2.1 		MEDIUM
Local 		fs/proc/base.c in the Linux kernel through 3.1 allows local users to obtain sensitive keystroke information via access to /proc/interrupts. CWE-200
Information Exposure 		CVE-2011-4915 cpe:2.3:o:canonical:ubuntu_linux:14.04:* 2024-11-21 10:33
2020-02-21 		Show GitHub Exploit DB Packet Storm