Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Ubuntu Number Of NVD 4093 CRITICAL 341 HIGH 1595 MEDIUM 1941 LOW 216
URL https://ubuntu.com/
Explanation A release without LTS is a normal release and provides support for 9 months after it is released.
LTS (Long Term Support) provides support for five years.
After the end of LTS, we also offer a service that provides extended support (about 5 years) for a fee.
Tag
  • Linux
Add Information URL
No Type Name URL
1 https://ubuntu.com/about/release-cycle
2 https://wiki.ubuntu.com/
3 https://wiki.ubuntu.com/Releases
4 https://ubuntu.com/licensing
5 https://ubuntu.com/security/notices
List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support		 Extended
for a fee		 Critical High Medium Low
581 Ubuntu 24 24.04.3 Aug. 7, 2025 April 25, 2024 0 0 1 0
582 Ubuntu 23.04 23.04 April 24, 2023 April 24, 2023 April 30, 2024 1 5 2 0
583 Ubuntu 22.04 LTS 22.04.5 Sept. 12, 2024 April 21, 2022 April 30, 2027 April 30, 2032 1 25 11 0
584 Ubuntu 21.10 21.10 Oct. 14, 2021 Oct. 14, 2021 June 14, 2022 June 14, 2022 1 18 19 0
585 Ubuntu 21.04 21.04 April 22, 2021 April 22, 2021 Jan. 30, 2022 0 12 11 0
586 Ubuntu 20.10 20.10 Oct. 22, 2020 Oct. 22, 2020 July 30, 2021 0 5 13 1
587 Ubuntu 20.04 LTS 20.04.6 March 23, 2023 April 23, 2020 April 30, 2025 April 30, 2030 21 144 239 32
588 Ubuntu 19.10 Oct. 17, 2019 July 30, 2020 32 133 227 44
589 Ubuntu 19.04 April 18, 2019 Jan. 30, 2020 45 126 184 23
590 Ubuntu 18.10 Oct. 18, 2018 July 31, 2019 66 174 182 5
591 Ubuntu 18.04 LTS 18.04.6 Sept. 17, 2021 April 26, 2018 April 30, 2023 April 30, 2028 202 645 891 80
592 Ubuntu 17.10 Oct. 18, 2017 July 19, 2018 4 18 14 0
593 Ubuntu 17.04 April 13, 2017 July 20, 2017 4 18 14 0
594 Ubuntu 16.10 Oct. 13, 2016 July 28, 2016 6 24 8 0
595 Ubuntu 16.04 LTS 16.04.7 Aug. 13, 2020 April 21, 2016 April 30, 2021 April 30, 2024 239 852 1060 83
596 Ubuntu 15.10 Oct. 22, 2015 Feb. 4, 2016 20 148 162 24
597 Ubuntu 15.04 April 23, 2015 July 23, 2015 5 100 130 29
598 Ubuntu 14.10 Oct. 23, 2014 July 14, 2014 0 3 1 0
599 Ubuntu 14.04 LTS 14.04.6 March 7, 2019 April 17, 2014 April 30, 2019 April 30, 2022 216 844 1015 82
600 Ubuntu 13.10 Oct. 17, 2013 July 14, 2014 15 56 68 15
601 Ubuntu 13.04 April 25, 2013 Jan. 27, 2014 6 16 60 9
602 Ubuntu 12.04 LTS April 26, 2012 April 28, 2017 April 30, 2019 90 577 669 83
603 Ubuntu 11.10 Oct. 13, 2011 May 9, 2013 1 111 108 13
604 Ubuntu 11.04 April 28, 2011 Oct. 28, 2012 1 56 56 8
605 Ubuntu 10.10 Oct. 10, 2010 April 10, 2012 2 47 52 17
606 Ubuntu 9.10 Oct. 29, 2009 April 30, 2011 5 56 56 16
607 Ubuntu 9.04 April 23, 2009 Oct. 23, 2010 3 46 57 8
608 Ubuntu 8.10 Oct. 30, 2008 April 30, 2010 2 49 47 6
609 Ubuntu 8.04 LTS 8.04.4 Jan. 28, 2010 April 24, 2008 May 9, 2013 7 99 119 18
610 Ubuntu 7.10 Oct. 18, 2007 April 18, 2009 3 48 37 5
611 Ubuntu 7.04 April 19, 2007 Oct. 19, 2008 4 46 28 4
612 Ubuntu 6.10 Oct. 26, 2006 April 26, 2008 2 33 32 4
613 Ubuntu 5.10 Oct. 13, 2005 April 13, 2007 0 22 19 1
614 Ubuntu 5.04 April 8, 2005 Oct. 31, 2006 0 14 13 2
615 Ubuntu 4.10 Oct. 20, 2004 April 30, 2006 1 13 8 2
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2		 Level
Attach Vector		 Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date		 Show Affected Exploit
PoC
Search
581 6.5
7.1 		MEDIUM
Network 		Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks agains… CWE-400
 Uncontrolled Resource Consumption 		CVE-2020-8492 cpe:2.3:o:canonical:ubuntu_linux:20.04:*
cpe:2.3:o:canonical:ubuntu_linux:19.10:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 14:38
2020-01-31 		Show GitHub Exploit DB Packet Storm
582 9.1
6.4 		CRITICAL
Network 		HttpObjectDecoder.java in Netty before 4.1.44 allows a Content-Length header to be accompanied by a second Content-Length header, or by a Transfer-Encoding header. CWE-444
HTTP Request Smuggling 		CVE-2019-20445 cpe:2.3:o:canonical:ubuntu_linux:18.04:* 2024-11-21 13:38
2020-01-30 		Show GitHub Exploit DB Packet Storm
583 9.1
6.4 		CRITICAL
Network 		HttpObjectDecoder.java in Netty before 4.1.44 allows an HTTP header that lacks a colon, which might be interpreted as a separate header with an incorrect syntax, or might be interpreted as an "invali… CWE-444
HTTP Request Smuggling 		CVE-2019-20444 cpe:2.3:o:canonical:ubuntu_linux:18.04:* 2024-11-21 13:38
2020-01-30 		Show GitHub Exploit DB Packet Storm
584 9.8
10.0 		CRITICAL
Network 		smtp_mailaddr in smtp_session.c in OpenSMTPD 6.6, as used in OpenBSD 6.6 and other products, allows remote attackers to execute arbitrary commands as root via a crafted SMTP session, as demonstrated … CWE-78
CWE-755
OS Command 
 Improper Handling of Exceptional Conditions 		CVE-2020-7247 cpe:2.3:o:canonical:ubuntu_linux:19.10:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:* 		2024-11-21 14:36
2020-01-30 		Show GitHub Exploit DB Packet Storm
585 5.5
2.1 		MEDIUM
Local 		Cleanup errors in some data cache evictions for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. CWE-404
 Improper Resource Shutdown or Release 		CVE-2020-0549 cpe:2.3:o:canonical:ubuntu_linux:20.04:*
cpe:2.3:o:canonical:ubuntu_linux:19.10:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 13:53
2020-01-28 		Show GitHub Exploit DB Packet Storm
586 7.5
7.8 		HIGH
Network 		In Jp2Image::readMetadata() in jp2image.cpp in Exiv2 0.27.2, an input file can result in an infinite loop and hang, with high CPU consumption. Remote attackers could leverage this vulnerability to ca… CWE-835
 Loop with Unreachable Exit Condition ('Infinite Loop') 		CVE-2019-20421 cpe:2.3:o:canonical:ubuntu_linux:19.10:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 13:38
2020-01-27 		Show GitHub Exploit DB Packet Storm
587 9.8
7.5 		CRITICAL
Network 		An untrusted deserialization was found in the org.apache.xmlrpc.parser.XmlRpcResponseParser:addResult method of Apache XML-RPC (aka ws-xmlrpc) library. A malicious XML-RPC server could target a XML-R… CWE-502
 Deserialization of Untrusted Data 		CVE-2019-17570 cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:* 		2024-11-21 13:32
2020-01-24 		Show GitHub Exploit DB Packet Storm
588 6.5
4.0 		MEDIUM
Network 		The ne2000_receive function in hw/net/ne2000.c in QEMU before 2.4.0.1 allows attackers to cause a denial of service (infinite loop and instance crash) or possibly execute arbitrary code via vectors r… CWE-835
 Loop with Unreachable Exit Condition ('Infinite Loop') 		CVE-2015-5278 cpe:2.3:o:canonical:ubuntu_linux:15.04:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 11:32
2020-01-24 		Show GitHub Exploit DB Packet Storm
589 6.5
4.0 		MEDIUM
Network 		Integer overflow in the VNC display driver in QEMU before 2.1.0 allows attachers to cause a denial of service (process crash) via a CLIENT_CUT_TEXT message, which triggers an infinite loop. CWE-835
 Loop with Unreachable Exit Condition ('Infinite Loop') 		CVE-2015-5239 cpe:2.3:o:canonical:ubuntu_linux:15.04:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 11:32
2020-01-24 		Show GitHub Exploit DB Packet Storm
590 8.8
6.8 		HIGH
Network 		WebKitGTK+ before 2.14.0: A use-after-free vulnerability can allow remote attackers to cause a DoS CWE-416
 Use After Free 		CVE-2016-4761 cpe:2.3:o:canonical:ubuntu_linux:16.04:* 2024-11-21 11:52
2020-01-23 		Show GitHub Exploit DB Packet Storm