Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Ubuntu Number Of NVD 4093 CRITICAL 341 HIGH 1595 MEDIUM 1941 LOW 216
URL https://ubuntu.com/
Explanation A release without LTS is a normal release and provides support for 9 months after it is released.
LTS (Long Term Support) provides support for five years.
After the end of LTS, we also offer a service that provides extended support (about 5 years) for a fee.
Tag
  • Linux
Add Information URL
No Type Name URL
1 https://ubuntu.com/about/release-cycle
2 https://wiki.ubuntu.com/
3 https://wiki.ubuntu.com/Releases
4 https://ubuntu.com/licensing
5 https://ubuntu.com/security/notices
List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support		 Extended
for a fee		 Critical High Medium Low
671 Ubuntu 24 24.04.3 Aug. 7, 2025 April 25, 2024 0 0 1 0
672 Ubuntu 23.04 23.04 April 24, 2023 April 24, 2023 April 30, 2024 1 5 2 0
673 Ubuntu 22.04 LTS 22.04.5 Sept. 12, 2024 April 21, 2022 April 30, 2027 April 30, 2032 1 25 11 0
674 Ubuntu 21.10 21.10 Oct. 14, 2021 Oct. 14, 2021 June 14, 2022 June 14, 2022 1 18 19 0
675 Ubuntu 21.04 21.04 April 22, 2021 April 22, 2021 Jan. 30, 2022 0 12 11 0
676 Ubuntu 20.10 20.10 Oct. 22, 2020 Oct. 22, 2020 July 30, 2021 0 5 13 1
677 Ubuntu 20.04 LTS 20.04.6 March 23, 2023 April 23, 2020 April 30, 2025 April 30, 2030 21 144 239 32
678 Ubuntu 19.10 Oct. 17, 2019 July 30, 2020 32 133 227 44
679 Ubuntu 19.04 April 18, 2019 Jan. 30, 2020 45 126 184 23
680 Ubuntu 18.10 Oct. 18, 2018 July 31, 2019 66 174 182 5
681 Ubuntu 18.04 LTS 18.04.6 Sept. 17, 2021 April 26, 2018 April 30, 2023 April 30, 2028 202 645 891 80
682 Ubuntu 17.10 Oct. 18, 2017 July 19, 2018 4 18 14 0
683 Ubuntu 17.04 April 13, 2017 July 20, 2017 4 18 14 0
684 Ubuntu 16.10 Oct. 13, 2016 July 28, 2016 6 24 8 0
685 Ubuntu 16.04 LTS 16.04.7 Aug. 13, 2020 April 21, 2016 April 30, 2021 April 30, 2024 239 852 1060 83
686 Ubuntu 15.10 Oct. 22, 2015 Feb. 4, 2016 20 148 162 24
687 Ubuntu 15.04 April 23, 2015 July 23, 2015 5 100 130 29
688 Ubuntu 14.10 Oct. 23, 2014 July 14, 2014 0 3 1 0
689 Ubuntu 14.04 LTS 14.04.6 March 7, 2019 April 17, 2014 April 30, 2019 April 30, 2022 216 844 1015 82
690 Ubuntu 13.10 Oct. 17, 2013 July 14, 2014 15 56 68 15
691 Ubuntu 13.04 April 25, 2013 Jan. 27, 2014 6 16 60 9
692 Ubuntu 12.04 LTS April 26, 2012 April 28, 2017 April 30, 2019 90 577 669 83
693 Ubuntu 11.10 Oct. 13, 2011 May 9, 2013 1 111 108 13
694 Ubuntu 11.04 April 28, 2011 Oct. 28, 2012 1 56 56 8
695 Ubuntu 10.10 Oct. 10, 2010 April 10, 2012 2 47 52 17
696 Ubuntu 9.10 Oct. 29, 2009 April 30, 2011 5 56 56 16
697 Ubuntu 9.04 April 23, 2009 Oct. 23, 2010 3 46 57 8
698 Ubuntu 8.10 Oct. 30, 2008 April 30, 2010 2 49 47 6
699 Ubuntu 8.04 LTS 8.04.4 Jan. 28, 2010 April 24, 2008 May 9, 2013 7 99 119 18
700 Ubuntu 7.10 Oct. 18, 2007 April 18, 2009 3 48 37 5
701 Ubuntu 7.04 April 19, 2007 Oct. 19, 2008 4 46 28 4
702 Ubuntu 6.10 Oct. 26, 2006 April 26, 2008 2 33 32 4
703 Ubuntu 5.10 Oct. 13, 2005 April 13, 2007 0 22 19 1
704 Ubuntu 5.04 April 8, 2005 Oct. 31, 2006 0 14 13 2
705 Ubuntu 4.10 Oct. 20, 2004 April 30, 2006 1 13 8 2
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2		 Level
Attach Vector		 Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date		 Show Affected Exploit
PoC
Search
671 8.8
9.0 		HIGH
Network 		sa-exim 4.2.1 allows attackers to execute arbitrary code if they can write a .cf file or a rule. This occurs because Greylisting.pm relies on eval (rather than direct parsing and/or use of the taint … CWE-78
OS Command  		CVE-2019-19920 cpe:2.3:o:canonical:ubuntu_linux:16.04:* 2024-11-21 13:35
2019-12-23 		Show GitHub Exploit DB Packet Storm
672 9.8
7.5 		CRITICAL
Network 		Included in Log4j 1.2 is a SocketServer class that is vulnerable to deserialization of untrusted data which can be exploited to remotely execute arbitrary code when combined with a deserialization ga… CWE-502
 Deserialization of Untrusted Data 		CVE-2019-17571 cpe:2.3:o:canonical:ubuntu_linux:18.04:* 2024-11-21 13:32
2019-12-21 		Show GitHub Exploit DB Packet Storm
673 7.5
5.0 		HIGH
Network 		cyrus-sasl (aka Cyrus SASL) 2.1.27 has an out-of-bounds write leading to unauthenticated remote denial-of-service in OpenLDAP via a malformed LDAP packet. The OpenLDAP crash is ultimately caused by a… CWE-787
CWE-193
 Out-of-bounds Write
 Off-by-one Error 		CVE-2019-19906 cpe:2.3:o:canonical:ubuntu_linux:19.10:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 13:35
2019-12-20 		Show GitHub Exploit DB Packet Storm
674 9.8
5.0 		CRITICAL
Network 		Django before 1.11.27, 2.x before 2.2.9, and 3.x before 3.0.1 allows account takeover. A suitably crafted email address (that is equal to an existing user's email address after case transformation of… CWE-640
 Weak Password Recovery Mechanism for Forgotten Password 		CVE-2019-19844 cpe:2.3:o:canonical:ubuntu_linux:19.10:*
cpe:2.3:o:canonical:ubuntu_linux:19.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 13:35
2019-12-19 		Show GitHub Exploit DB Packet Storm
675 7.8
9.3 		HIGH
Local 		In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image and performing some operations can cause slab-out-of-bounds write access in __btrfs_map_block in fs/btrfs/volumes.c, because a va… CWE-787
 Out-of-bounds Write 		CVE-2019-19816 cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 13:35
2019-12-17 		Show GitHub Exploit DB Packet Storm
676 5.5
7.1 		MEDIUM
Local 		In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs system call can lead to a use-after-free in __mutex_lock in kernel/locking/… CWE-416
 Use After Free 		CVE-2019-19813 cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 13:35
2019-12-17 		Show GitHub Exploit DB Packet Storm
677 6.5
4.0 		MEDIUM
Network 		_core_/plugins/medias in SPIP 3.2.x before 3.2.7 allows remote authenticated authors to inject content into the database. NVD-CWE-noinfo
CVE-2019-19830 cpe:2.3:o:canonical:ubuntu_linux:18.04:* 2024-11-21 13:35
2019-12-17 		Show GitHub Exploit DB Packet Storm
678 6.5
3.5 		MEDIUM
Network 		An issue was discovered in Cyrus IMAP before 2.5.15, 3.0.x before 3.0.13, and 3.1.x through 3.1.8. If sieve script uploading is allowed (3.x) or certain non-default sieve options are enabled (2.x), a… CWE-269
 Improper Privilege Management 		CVE-2019-19783 cpe:2.3:o:canonical:ubuntu_linux:18.04:* 2024-11-21 13:35
2019-12-16 		Show GitHub Exploit DB Packet Storm
679 7.8
7.2 		HIGH
Local 		In the Linux kernel before 5.3.11, sound/core/timer.c has a use-after-free caused by erroneous code refactoring, aka CID-e7af6307a8a5. This is related to snd_timer_open and snd_timer_close_locked. Th… CWE-416
 Use After Free 		CVE-2019-19807 cpe:2.3:o:canonical:ubuntu_linux:19.10:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 13:35
2019-12-16 		Show GitHub Exploit DB Packet Storm
680 9.8
7.5 		CRITICAL
Network 		sysstat through 12.2.0 has a double free in check_file_actlst in sa_common.c. CWE-415
 Double Free 		CVE-2019-19725 cpe:2.3:o:canonical:ubuntu_linux:19.10:*
cpe:2.3:o:canonical:ubuntu_linux:19.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-11-21 13:35
2019-12-12 		Show GitHub Exploit DB Packet Storm