Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Ubuntu Number Of NVD 4093 CRITICAL 341 HIGH 1595 MEDIUM 1941 LOW 216
URL https://ubuntu.com/
Explanation A release without LTS is a normal release and provides support for 9 months after it is released.
LTS (Long Term Support) provides support for five years.
After the end of LTS, we also offer a service that provides extended support (about 5 years) for a fee.
Tag
  • Linux
Add Information URL
No Type Name URL
1 https://ubuntu.com/about/release-cycle
2 https://wiki.ubuntu.com/
3 https://wiki.ubuntu.com/Releases
4 https://ubuntu.com/licensing
5 https://ubuntu.com/security/notices
List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support		 Extended
for a fee		 Critical High Medium Low
661 Ubuntu 24 24.04.3 Aug. 7, 2025 April 25, 2024 0 0 1 0
662 Ubuntu 23.04 23.04 April 24, 2023 April 24, 2023 April 30, 2024 1 5 2 0
663 Ubuntu 22.04 LTS 22.04.5 Sept. 12, 2024 April 21, 2022 April 30, 2027 April 30, 2032 1 25 11 0
664 Ubuntu 21.10 21.10 Oct. 14, 2021 Oct. 14, 2021 June 14, 2022 June 14, 2022 1 18 19 0
665 Ubuntu 21.04 21.04 April 22, 2021 April 22, 2021 Jan. 30, 2022 0 12 11 0
666 Ubuntu 20.10 20.10 Oct. 22, 2020 Oct. 22, 2020 July 30, 2021 0 5 13 1
667 Ubuntu 20.04 LTS 20.04.6 March 23, 2023 April 23, 2020 April 30, 2025 April 30, 2030 21 144 239 32
668 Ubuntu 19.10 Oct. 17, 2019 July 30, 2020 32 133 227 44
669 Ubuntu 19.04 April 18, 2019 Jan. 30, 2020 45 126 184 23
670 Ubuntu 18.10 Oct. 18, 2018 July 31, 2019 66 174 182 5
671 Ubuntu 18.04 LTS 18.04.6 Sept. 17, 2021 April 26, 2018 April 30, 2023 April 30, 2028 202 645 891 80
672 Ubuntu 17.10 Oct. 18, 2017 July 19, 2018 4 18 14 0
673 Ubuntu 17.04 April 13, 2017 July 20, 2017 4 18 14 0
674 Ubuntu 16.10 Oct. 13, 2016 July 28, 2016 6 24 8 0
675 Ubuntu 16.04 LTS 16.04.7 Aug. 13, 2020 April 21, 2016 April 30, 2021 April 30, 2024 239 852 1060 83
676 Ubuntu 15.10 Oct. 22, 2015 Feb. 4, 2016 20 148 162 24
677 Ubuntu 15.04 April 23, 2015 July 23, 2015 5 100 130 29
678 Ubuntu 14.10 Oct. 23, 2014 July 14, 2014 0 3 1 0
679 Ubuntu 14.04 LTS 14.04.6 March 7, 2019 April 17, 2014 April 30, 2019 April 30, 2022 216 844 1015 82
680 Ubuntu 13.10 Oct. 17, 2013 July 14, 2014 15 56 68 15
681 Ubuntu 13.04 April 25, 2013 Jan. 27, 2014 6 16 60 9
682 Ubuntu 12.04 LTS April 26, 2012 April 28, 2017 April 30, 2019 90 577 669 83
683 Ubuntu 11.10 Oct. 13, 2011 May 9, 2013 1 111 108 13
684 Ubuntu 11.04 April 28, 2011 Oct. 28, 2012 1 56 56 8
685 Ubuntu 10.10 Oct. 10, 2010 April 10, 2012 2 47 52 17
686 Ubuntu 9.10 Oct. 29, 2009 April 30, 2011 5 56 56 16
687 Ubuntu 9.04 April 23, 2009 Oct. 23, 2010 3 46 57 8
688 Ubuntu 8.10 Oct. 30, 2008 April 30, 2010 2 49 47 6
689 Ubuntu 8.04 LTS 8.04.4 Jan. 28, 2010 April 24, 2008 May 9, 2013 7 99 119 18
690 Ubuntu 7.10 Oct. 18, 2007 April 18, 2009 3 48 37 5
691 Ubuntu 7.04 April 19, 2007 Oct. 19, 2008 4 46 28 4
692 Ubuntu 6.10 Oct. 26, 2006 April 26, 2008 2 33 32 4
693 Ubuntu 5.10 Oct. 13, 2005 April 13, 2007 0 22 19 1
694 Ubuntu 5.04 April 8, 2005 Oct. 31, 2006 0 14 13 2
695 Ubuntu 4.10 Oct. 20, 2004 April 30, 2006 1 13 8 2
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2		 Level
Attach Vector		 Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date		 Show Affected Exploit
PoC
Search
661 4.6
2.1 		MEDIUM
Physics 		In the Linux kernel through 5.4.6, there are information leaks of uninitialized memory to a USB device in the drivers/net/can/usb/kvaser_usb/kvaser_usb_leaf.c driver, aka CID-da2311a6385c. CWE-908
 Use of Uninitialized Resource 		CVE-2019-19947 cpe:2.3:o:canonical:ubuntu_linux:19.10:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 13:35
2019-12-24 		Show GitHub Exploit DB Packet Storm
662 7.8
7.2 		HIGH
Local 		Debian-edu-config all versions < 2.11.10, a set of configuration files used for Debian Edu, and debian-lan-config < 0.26, configured too permissive ACLs for the Kerberos admin server, which allowed p… CWE-732
 Incorrect Permission Assignment for Critical Resource 		CVE-2019-3467 cpe:2.3:o:canonical:ubuntu_linux:18.04:* 2024-11-21 13:42
2019-12-24 		Show GitHub Exploit DB Packet Storm
663 6.5
3.3 		MEDIUM
Adjacent 		An exploitable denial-of-service vulnerability exists in the Linux kernel prior to mainline 5.3. An attacker could exploit this vulnerability by triggering AP to send IAPP location updates for statio… CWE-287
Improper Authentication 		CVE-2019-5108 cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 13:44
2019-12-24 		Show GitHub Exploit DB Packet Storm
664 7.0
4.4 		HIGH
Local 		When Apache Tomcat 9.0.0.M1 to 9.0.28, 8.5.0 to 8.5.47, 7.0.0 and 7.0.97 is configured with the JMX Remote Lifecycle Listener, a local attacker without access to the Tomcat process or configuration f… NVD-CWE-noinfo
CVE-2019-12418 cpe:2.3:o:canonical:ubuntu_linux:16.04:* 2024-11-21 13:22
2019-12-24 		Show GitHub Exploit DB Packet Storm
665 7.5
5.1 		HIGH
Network 		When using FORM authentication with Apache Tomcat 9.0.0.M1 to 9.0.29, 8.5.0 to 8.5.49 and 7.0.0 to 7.0.98 there was a narrow window where an attacker could perform a session fixation attack. The wind… CWE-384
 Session Fixation 		CVE-2019-17563 cpe:2.3:o:canonical:ubuntu_linux:16.04:* 2024-11-21 13:32
2019-12-24 		Show GitHub Exploit DB Packet Storm
666 6.5
6.4 		MEDIUM
Network 		When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0 it is possible to supply it wit… CWE-125
Out-of-bounds Read 		CVE-2019-11050 cpe:2.3:o:canonical:ubuntu_linux:19.04:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 13:20
2019-12-23 		Show GitHub Exploit DB Packet Storm
667 6.5
6.4 		MEDIUM
Network 		When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0 it is possible to supply it wit… CWE-125
Out-of-bounds Read 		CVE-2019-11047 cpe:2.3:o:canonical:ubuntu_linux:19.10:*
cpe:2.3:o:canonical:ubuntu_linux:19.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 13:20
2019-12-23 		Show GitHub Exploit DB Packet Storm
668 5.3
5.0 		MEDIUM
Network 		In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0, PHP bcmath extension functions on some systems, including Windows, can be tricked into reading beyond the allocated space by supplyin… CWE-125
Out-of-bounds Read 		CVE-2019-11046 cpe:2.3:o:canonical:ubuntu_linux:19.10:*
cpe:2.3:o:canonical:ubuntu_linux:19.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 13:20
2019-12-23 		Show GitHub Exploit DB Packet Storm
669 5.9
4.3 		MEDIUM
Network 		In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0, PHP DirectoryIterator class accepts filenames with embedded \0 byte and treats them as terminating at that byte. This could lead to s… CWE-74
Injection 		CVE-2019-11045 cpe:2.3:o:canonical:ubuntu_linux:19.10:*
cpe:2.3:o:canonical:ubuntu_linux:19.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 13:20
2019-12-23 		Show GitHub Exploit DB Packet Storm
670 5.5
2.1 		MEDIUM
Local 		kernel/sched/fair.c in the Linux kernel before 5.3.9, when cpu.cfs_quota_us is used (e.g., with Kubernetes), allows attackers to cause a denial of service against non-cpu-bound applications by genera… CWE-400
 Uncontrolled Resource Consumption 		CVE-2019-19922 cpe:2.3:o:canonical:ubuntu_linux:19.04:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:* 		2024-11-21 13:35
2019-12-23 		Show GitHub Exploit DB Packet Storm