Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Ubuntu Number Of NVD 4093 CRITICAL 341 HIGH 1595 MEDIUM 1941 LOW 216
URL https://ubuntu.com/
Explanation A release without LTS is a normal release and provides support for 9 months after it is released.
LTS (Long Term Support) provides support for five years.
After the end of LTS, we also offer a service that provides extended support (about 5 years) for a fee.
Tag
  • Linux
Add Information URL
No Type Name URL
1 https://ubuntu.com/about/release-cycle
2 https://wiki.ubuntu.com/
3 https://wiki.ubuntu.com/Releases
4 https://ubuntu.com/licensing
5 https://ubuntu.com/security/notices
List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support		 Extended
for a fee		 Critical High Medium Low
631 Ubuntu 24 24.04.3 Aug. 7, 2025 April 25, 2024 0 0 1 0
632 Ubuntu 23.04 23.04 April 24, 2023 April 24, 2023 April 30, 2024 1 5 2 0
633 Ubuntu 22.04 LTS 22.04.5 Sept. 12, 2024 April 21, 2022 April 30, 2027 April 30, 2032 1 25 11 0
634 Ubuntu 21.10 21.10 Oct. 14, 2021 Oct. 14, 2021 June 14, 2022 June 14, 2022 1 18 19 0
635 Ubuntu 21.04 21.04 April 22, 2021 April 22, 2021 Jan. 30, 2022 0 12 11 0
636 Ubuntu 20.10 20.10 Oct. 22, 2020 Oct. 22, 2020 July 30, 2021 0 5 13 1
637 Ubuntu 20.04 LTS 20.04.6 March 23, 2023 April 23, 2020 April 30, 2025 April 30, 2030 21 144 239 32
638 Ubuntu 19.10 Oct. 17, 2019 July 30, 2020 32 133 227 44
639 Ubuntu 19.04 April 18, 2019 Jan. 30, 2020 45 126 184 23
640 Ubuntu 18.10 Oct. 18, 2018 July 31, 2019 66 174 182 5
641 Ubuntu 18.04 LTS 18.04.6 Sept. 17, 2021 April 26, 2018 April 30, 2023 April 30, 2028 202 645 891 80
642 Ubuntu 17.10 Oct. 18, 2017 July 19, 2018 4 18 14 0
643 Ubuntu 17.04 April 13, 2017 July 20, 2017 4 18 14 0
644 Ubuntu 16.10 Oct. 13, 2016 July 28, 2016 6 24 8 0
645 Ubuntu 16.04 LTS 16.04.7 Aug. 13, 2020 April 21, 2016 April 30, 2021 April 30, 2024 239 852 1060 83
646 Ubuntu 15.10 Oct. 22, 2015 Feb. 4, 2016 20 148 162 24
647 Ubuntu 15.04 April 23, 2015 July 23, 2015 5 100 130 29
648 Ubuntu 14.10 Oct. 23, 2014 July 14, 2014 0 3 1 0
649 Ubuntu 14.04 LTS 14.04.6 March 7, 2019 April 17, 2014 April 30, 2019 April 30, 2022 216 844 1015 82
650 Ubuntu 13.10 Oct. 17, 2013 July 14, 2014 15 56 68 15
651 Ubuntu 13.04 April 25, 2013 Jan. 27, 2014 6 16 60 9
652 Ubuntu 12.04 LTS April 26, 2012 April 28, 2017 April 30, 2019 90 577 669 83
653 Ubuntu 11.10 Oct. 13, 2011 May 9, 2013 1 111 108 13
654 Ubuntu 11.04 April 28, 2011 Oct. 28, 2012 1 56 56 8
655 Ubuntu 10.10 Oct. 10, 2010 April 10, 2012 2 47 52 17
656 Ubuntu 9.10 Oct. 29, 2009 April 30, 2011 5 56 56 16
657 Ubuntu 9.04 April 23, 2009 Oct. 23, 2010 3 46 57 8
658 Ubuntu 8.10 Oct. 30, 2008 April 30, 2010 2 49 47 6
659 Ubuntu 8.04 LTS 8.04.4 Jan. 28, 2010 April 24, 2008 May 9, 2013 7 99 119 18
660 Ubuntu 7.10 Oct. 18, 2007 April 18, 2009 3 48 37 5
661 Ubuntu 7.04 April 19, 2007 Oct. 19, 2008 4 46 28 4
662 Ubuntu 6.10 Oct. 26, 2006 April 26, 2008 2 33 32 4
663 Ubuntu 5.10 Oct. 13, 2005 April 13, 2007 0 22 19 1
664 Ubuntu 5.04 April 8, 2005 Oct. 31, 2006 0 14 13 2
665 Ubuntu 4.10 Oct. 20, 2004 April 30, 2006 1 13 8 2
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2		 Level
Attach Vector		 Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date		 Show Affected Exploit
PoC
Search
631 6.1
4.3 		MEDIUM
Network 		When pasting a <style> tag from the clipboard into a rich text editor, the CSS sanitizer does not escape < and > characters. Because the resulting string is pasted directly into the text … CWE-79
Cross-site Scripting 		CVE-2019-17022 cpe:2.3:o:canonical:ubuntu_linux:19.10:*
cpe:2.3:o:canonical:ubuntu_linux:19.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 13:31
2020-01-9 		Show GitHub Exploit DB Packet Storm
632 8.8
6.8 		HIGH
Network 		Due to a missing case handling object types, a type confusion vulnerability could occur, resulting in a crash. We presume that with enough effort that it could be exploited to run arbitrary code. Thi… CWE-843
Type Confusion 		CVE-2019-17017 cpe:2.3:o:canonical:ubuntu_linux:19.10:*
cpe:2.3:o:canonical:ubuntu_linux:19.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 13:31
2020-01-9 		Show GitHub Exploit DB Packet Storm
633 6.1
4.3 		MEDIUM
Network 		When pasting a <style> tag from the clipboard into a rich text editor, the CSS sanitizer incorrectly rewrites a @namespace rule. This could allow for injection into certain types of websites re… CWE-79
Cross-site Scripting 		CVE-2019-17016 cpe:2.3:o:canonical:ubuntu_linux:19.10:*
cpe:2.3:o:canonical:ubuntu_linux:19.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 13:31
2020-01-9 		Show GitHub Exploit DB Packet Storm
634 8.8
6.8 		HIGH
Network 		Mozilla developers and community members reported memory safety bugs present in Firefox 69 and Firefox ESR 68.1. Some of these bugs showed evidence of memory corruption and we presume that with enoug… CWE-787
 Out-of-bounds Write 		CVE-2019-11764 cpe:2.3:o:canonical:ubuntu_linux:16.04:* 2024-11-21 13:21
2020-01-9 		Show GitHub Exploit DB Packet Storm
635 6.1
5.8 		MEDIUM
Network 		If two same-origin documents set document.domain differently to become cross-origin, it was possible for them to call arbitrary DOM methods/getters/setters on the now-cross-origin window. This vulner… CWE-346
 Origin Validation Error 		CVE-2019-11762 cpe:2.3:o:canonical:ubuntu_linux:16.04:* 2024-11-21 13:21
2020-01-9 		Show GitHub Exploit DB Packet Storm
636 5.4
5.8 		MEDIUM
Network 		By using a form with a data URI it was possible to gain access to the privileged JSONView object that had been cloned into content. Impact from exposing this object appears to be minimal, however it … CWE-362
CWE-862
Race Condition
 Missing Authorization 		CVE-2019-11761 cpe:2.3:o:canonical:ubuntu_linux:16.04:* 2024-11-21 13:21
2020-01-9 		Show GitHub Exploit DB Packet Storm
637 8.8
6.8 		HIGH
Network 		A fixed-size stack buffer could overflow in nrappkit when doing WebRTC signaling. This resulted in a potentially exploitable crash in some instances. This vulnerability affects Firefox < 70, Thunderb… CWE-787
 Out-of-bounds Write 		CVE-2019-11760 cpe:2.3:o:canonical:ubuntu_linux:16.04:* 2024-11-21 13:21
2020-01-9 		Show GitHub Exploit DB Packet Storm
638 8.8
6.8 		HIGH
Network 		An attacker could have caused 4 bytes of HMAC output to be written past the end of a buffer stored on the stack. This could be used by an attacker to execute arbitrary code or more likely lead to a c… CWE-120
Classic Buffer Overflow 		CVE-2019-11759 cpe:2.3:o:canonical:ubuntu_linux:16.04:* 2024-11-21 13:21
2020-01-9 		Show GitHub Exploit DB Packet Storm
639 8.8
6.8 		HIGH
Network 		Mozilla community member Philipp reported a memory safety bug present in Firefox 68 when 360 Total Security was installed. This bug showed evidence of memory corruption in the accessibility engine an… CWE-787
 Out-of-bounds Write 		CVE-2019-11758 cpe:2.3:o:canonical:ubuntu_linux:16.04:* 2024-11-21 13:21
2020-01-9 		Show GitHub Exploit DB Packet Storm
640 8.8
6.8 		HIGH
Network 		When following the value's prototype chain, it was possible to retain a reference to a locale, delete it, and subsequently reference it. This resulted in a use-after-free and a potentially exploitabl… CWE-416
 Use After Free 		CVE-2019-11757 cpe:2.3:o:canonical:ubuntu_linux:16.04:* 2024-11-21 13:21
2020-01-9 		Show GitHub Exploit DB Packet Storm