Search for packages
Package details: pkg:deb/debian/simgear@3.0.0-6
purl pkg:deb/debian/simgear@3.0.0-6
Next non-vulnerable version 1:2020.3.16+dfsg-1+deb12u1
Latest non-vulnerable version 1:2020.3.16+dfsg-1+deb12u1
Risk 3.0
Vulnerabilities affecting this package (1)
Vulnerability Summary Fixed by
VCID-1j2q-k2gh-pqdk
Aliases:
CVE-2025-0781
An attacker can bypass the sandboxing of Nasal scripts and arbitrarily write to any file path that the user has permission to modify at the operating-system level.
1:2020.3.16+dfsg-1+deb12u1
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (4)
Vulnerability Summary Aliases
VCID-2gkf-7tg1-aaab Multiple format string vulnerabilities in FlightGear 2.6 and earlier and SimGear 2.6 and earlier allow user-assisted remote attackers to cause a denial of service and possibly execute arbitrary code via format string specifiers in certain data chunk values in an aircraft xml model to (1) fgfs/flightgear/src/Cockpit/panel.cxx or (2) fgfs/flightgear/src/Network/generic.cxx, or (3) a scene graph model to simgear/simgear/scene/model/SGText.cxx. CVE-2012-2090
VCID-7gtb-wvpj-aaaq Multiple buffer overflows in FlightGear 2.6 and earlier and SimGear 2.6 and earlier allow user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a (1) long string in a rotor tag of an aircraft xml model to the Rotor::getValueforFGSet function in src/FDM/YASim/Rotor.cpp or (2) a crafted UDP packet to the SGSocketUDP::read function in simgear/simgear/simgear/io/sg_socket_udp.cxx. CVE-2012-2091
VCID-8dyd-depr-aaam The big2_toUtf8 function in lib/xmltok.c in libexpat in Expat 2.0.1, as used in the XML-Twig module for Perl, allows context-dependent attackers to cause a denial of service (application crash) via an XML document with malformed UTF-8 sequences that trigger a buffer over-read, related to the doProlog function in lib/xmlparse.c, a different vulnerability than CVE-2009-2625 and CVE-2009-3720. CVE-2009-3560
VCID-c7e7-cdc7-aaam The updatePosition function in lib/xmltok_impl.c in libexpat in Expat 2.0.1, as used in Python, PyXML, w3c-libwww, and other software, allows context-dependent attackers to cause a denial of service (application crash) via an XML document with crafted UTF-8 sequences that trigger a buffer over-read, a different vulnerability than CVE-2009-2625. CVE-2009-3720

Date Actor Action Vulnerability Source VulnerableCode Version
2025-06-21T18:27:10.320633+00:00 Debian Oval Importer Fixing VCID-7gtb-wvpj-aaaq https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.3
2025-06-21T18:03:30.864900+00:00 Debian Oval Importer Fixing VCID-7gtb-wvpj-aaaq https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T16:49:21.768939+00:00 Debian Oval Importer Fixing VCID-c7e7-cdc7-aaam https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T15:53:34.487176+00:00 Debian Oval Importer Fixing VCID-2gkf-7tg1-aaab https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T14:01:58.502236+00:00 Debian Oval Importer Fixing VCID-8dyd-depr-aaam https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T00:37:25.508300+00:00 Debian Oval Importer Fixing VCID-c7e7-cdc7-aaam None 36.1.3
2025-06-20T23:43:54.125553+00:00 Debian Oval Importer Fixing VCID-8dyd-depr-aaam None 36.1.3
2025-06-20T23:25:38.410244+00:00 Debian Oval Importer Fixing VCID-7gtb-wvpj-aaaq None 36.1.3
2025-06-20T20:56:44.903097+00:00 Debian Oval Importer Fixing VCID-2gkf-7tg1-aaab None 36.1.3
2025-06-08T12:47:21.572558+00:00 Debian Oval Importer Fixing VCID-c7e7-cdc7-aaam https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.0
2025-06-08T11:55:54.575032+00:00 Debian Oval Importer Fixing VCID-8dyd-depr-aaam https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.0
2025-06-08T10:57:44.054784+00:00 Debian Oval Importer Fixing VCID-7gtb-wvpj-aaaq https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.0
2025-06-08T10:35:10.764762+00:00 Debian Oval Importer Fixing VCID-7gtb-wvpj-aaaq https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T09:34:33.675571+00:00 Debian Oval Importer Fixing VCID-c7e7-cdc7-aaam https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T08:46:50.873735+00:00 Debian Oval Importer Fixing VCID-2gkf-7tg1-aaab https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T06:56:03.519077+00:00 Debian Oval Importer Fixing VCID-8dyd-depr-aaam https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-07T18:00:03.070046+00:00 Debian Oval Importer Fixing VCID-c7e7-cdc7-aaam None 36.1.0
2025-06-07T17:06:48.692528+00:00 Debian Oval Importer Fixing VCID-8dyd-depr-aaam None 36.1.0
2025-06-07T16:48:32.258847+00:00 Debian Oval Importer Fixing VCID-7gtb-wvpj-aaaq None 36.1.0
2025-06-07T14:24:46.786780+00:00 Debian Oval Importer Fixing VCID-2gkf-7tg1-aaab None 36.1.0
2025-04-13T03:19:39.155170+00:00 Debian Oval Importer Affected by VCID-1j2q-k2gh-pqdk https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T20:27:50.256798+00:00 Debian Oval Importer Fixing VCID-2gkf-7tg1-aaab https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T18:34:17.069313+00:00 Debian Oval Importer Fixing VCID-c7e7-cdc7-aaam https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T17:41:04.137330+00:00 Debian Oval Importer Fixing VCID-8dyd-depr-aaam https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T16:40:27.251988+00:00 Debian Oval Importer Fixing VCID-7gtb-wvpj-aaaq https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T16:16:37.213434+00:00 Debian Oval Importer Fixing VCID-7gtb-wvpj-aaaq https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T08:06:54.998406+00:00 Debian Oval Importer Fixing VCID-c7e7-cdc7-aaam https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T07:18:24.886640+00:00 Debian Oval Importer Fixing VCID-2gkf-7tg1-aaab https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T05:28:33.953494+00:00 Debian Oval Importer Fixing VCID-8dyd-depr-aaam https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-07T16:36:59.855267+00:00 Debian Oval Importer Fixing VCID-c7e7-cdc7-aaam None 36.0.0
2025-04-07T15:40:17.235113+00:00 Debian Oval Importer Fixing VCID-8dyd-depr-aaam None 36.0.0
2025-04-07T15:21:14.619620+00:00 Debian Oval Importer Fixing VCID-7gtb-wvpj-aaaq None 36.0.0
2025-04-07T12:57:13.287260+00:00 Debian Oval Importer Fixing VCID-2gkf-7tg1-aaab None 36.0.0
2024-11-28T22:53:05.244805+00:00 Debian Oval Importer Fixing VCID-7gtb-wvpj-aaaq https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 35.0.0
2024-11-28T22:49:26.823733+00:00 Debian Oval Importer Fixing VCID-2gkf-7tg1-aaab https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 35.0.0
2024-11-27T09:26:08.891833+00:00 Debian Oval Importer Fixing VCID-c7e7-cdc7-aaam https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 35.0.0
2024-11-27T08:15:21.099645+00:00 Debian Oval Importer Fixing VCID-8dyd-depr-aaam https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 35.0.0
2024-10-14T07:19:46.914032+00:00 Debian Oval Importer Fixing VCID-7gtb-wvpj-aaaq https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.2
2024-10-14T07:17:02.778754+00:00 Debian Oval Importer Fixing VCID-2gkf-7tg1-aaab https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.2
2024-10-13T05:02:54.061834+00:00 Debian Oval Importer Fixing VCID-c7e7-cdc7-aaam https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.2
2024-10-13T04:13:08.170842+00:00 Debian Oval Importer Fixing VCID-8dyd-depr-aaam https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.2
2024-09-21T07:09:45.211928+00:00 Debian Oval Importer Fixing VCID-7gtb-wvpj-aaaq https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.1
2024-09-21T07:08:51.766967+00:00 Debian Oval Importer Fixing VCID-2gkf-7tg1-aaab https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.1
2024-09-20T20:29:44.250180+00:00 Debian Oval Importer Fixing VCID-c7e7-cdc7-aaam https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.1
2024-09-20T20:12:02.688506+00:00 Debian Oval Importer Fixing VCID-8dyd-depr-aaam https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.1