Search for packages
| purl | pkg:deb/debian/flightgear@0.7.9-3 |
| Next non-vulnerable version | 1:2020.3.16+dfsg-1+deb12u1 |
| Latest non-vulnerable version | 1:2020.3.16+dfsg-1+deb12u1 |
| Risk | 4.2 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-1j2q-k2gh-pqdk
Aliases: CVE-2025-0781 |
An attacker can bypass the sandboxing of Nasal scripts and arbitrarily write to any file path that the user has permission to modify at the operating-system level. |
Affected by 0 other vulnerabilities. |
|
VCID-2gkf-7tg1-aaab
Aliases: CVE-2012-2090 |
Multiple format string vulnerabilities in FlightGear 2.6 and earlier and SimGear 2.6 and earlier allow user-assisted remote attackers to cause a denial of service and possibly execute arbitrary code via format string specifiers in certain data chunk values in an aircraft xml model to (1) fgfs/flightgear/src/Cockpit/panel.cxx or (2) fgfs/flightgear/src/Network/generic.cxx, or (3) a scene graph model to simgear/simgear/scene/model/SGText.cxx. |
Affected by 4 other vulnerabilities. |
|
VCID-7gtb-wvpj-aaaq
Aliases: CVE-2012-2091 |
Multiple buffer overflows in FlightGear 2.6 and earlier and SimGear 2.6 and earlier allow user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a (1) long string in a rotor tag of an aircraft xml model to the Rotor::getValueforFGSet function in src/FDM/YASim/Rotor.cpp or (2) a crafted UDP packet to the SGSocketUDP::read function in simgear/simgear/simgear/io/sg_socket_udp.cxx. |
Affected by 4 other vulnerabilities. |
|
VCID-7txw-7t76-aaab
Aliases: CVE-2017-8921 |
In FlightGear before 2017.2.1, the FGCommand interface allows overwriting any file the user has write access to, but not with arbitrary data: only with the contents of a FlightGear flightplan (XML). A resource such as a malicious third-party aircraft could exploit this to damage files belonging to the user. Both this issue and CVE-2016-9956 are directory traversal vulnerabilities in Autopilot/route_mgr.cxx - this one exists because of an incomplete fix for CVE-2016-9956. |
Affected by 2 other vulnerabilities. |
|
VCID-jx8t-94cp-aaas
Aliases: CVE-2016-9956 |
The route manager in FlightGear before 2016.4.4 allows remote attackers to write to arbitrary files via a crafted Nasal script. |
Affected by 4 other vulnerabilities. Affected by 2 other vulnerabilities. |
|
VCID-vm83-ajzg-aaan
Aliases: CVE-2017-13709 |
In FlightGear before version 2017.3.1, Main/logger.cxx in the FGLogger subsystem allows one to overwrite any file via a resource that affects the contents of the global Property Tree. |
Affected by 1 other vulnerability. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-06-21T19:05:58.656551+00:00 | Debian Oval Importer | Affected by | VCID-vm83-ajzg-aaan | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.1.3 |
| 2025-06-21T18:05:18.717211+00:00 | Debian Oval Importer | Affected by | VCID-2gkf-7tg1-aaab | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T14:40:30.025992+00:00 | Debian Oval Importer | Affected by | VCID-vm83-ajzg-aaan | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T14:08:05.935416+00:00 | Debian Oval Importer | Affected by | VCID-7gtb-wvpj-aaaq | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T13:06:44.747385+00:00 | Debian Oval Importer | Affected by | VCID-7txw-7t76-aaab | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T12:23:46.220262+00:00 | Debian Oval Importer | Affected by | VCID-jx8t-94cp-aaas | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T09:49:25.512615+00:00 | Debian Oval Importer | Affected by | VCID-jx8t-94cp-aaas | https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 | 36.1.3 |
| 2025-06-21T01:05:00.939966+00:00 | Debian Oval Importer | Affected by | VCID-7gtb-wvpj-aaaq | None | 36.1.3 |
| 2025-06-21T00:34:44.854496+00:00 | Debian Oval Importer | Affected by | VCID-2gkf-7tg1-aaab | None | 36.1.3 |
| 2025-06-21T00:03:17.870682+00:00 | Debian Oval Importer | Affected by | VCID-vm83-ajzg-aaan | None | 36.1.3 |
| 2025-06-20T22:47:34.040247+00:00 | Debian Oval Importer | Affected by | VCID-7txw-7t76-aaab | None | 36.1.3 |
| 2025-06-20T19:39:55.357738+00:00 | Debian Oval Importer | Affected by | VCID-jx8t-94cp-aaas | None | 36.1.3 |
| 2025-06-08T11:35:05.694364+00:00 | Debian Oval Importer | Affected by | VCID-vm83-ajzg-aaan | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.1.0 |
| 2025-06-08T10:36:56.218069+00:00 | Debian Oval Importer | Affected by | VCID-2gkf-7tg1-aaab | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T07:33:42.302162+00:00 | Debian Oval Importer | Affected by | VCID-vm83-ajzg-aaan | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T07:01:37.440833+00:00 | Debian Oval Importer | Affected by | VCID-7gtb-wvpj-aaaq | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T06:01:37.754843+00:00 | Debian Oval Importer | Affected by | VCID-7txw-7t76-aaab | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T05:25:27.857170+00:00 | Debian Oval Importer | Affected by | VCID-jx8t-94cp-aaas | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T03:38:04.849009+00:00 | Debian Oval Importer | Affected by | VCID-jx8t-94cp-aaas | https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 | 36.1.0 |
| 2025-06-07T18:27:35.186319+00:00 | Debian Oval Importer | Affected by | VCID-7gtb-wvpj-aaaq | None | 36.1.0 |
| 2025-06-07T17:57:22.376696+00:00 | Debian Oval Importer | Affected by | VCID-2gkf-7tg1-aaab | None | 36.1.0 |
| 2025-06-07T17:26:05.570996+00:00 | Debian Oval Importer | Affected by | VCID-vm83-ajzg-aaan | None | 36.1.0 |
| 2025-06-07T16:11:28.380757+00:00 | Debian Oval Importer | Affected by | VCID-7txw-7t76-aaab | None | 36.1.0 |
| 2025-06-07T13:34:03.732212+00:00 | Debian Oval Importer | Affected by | VCID-jx8t-94cp-aaas | None | 36.1.0 |
| 2025-04-13T03:10:21.619180+00:00 | Debian Oval Importer | Affected by | VCID-1j2q-k2gh-pqdk | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T22:36:05.247775+00:00 | Debian Oval Importer | Affected by | VCID-2gkf-7tg1-aaab | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T21:45:02.364242+00:00 | Debian Oval Importer | Affected by | VCID-jx8t-94cp-aaas | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T20:37:36.427705+00:00 | Debian Oval Importer | Affected by | VCID-7gtb-wvpj-aaaq | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T20:00:48.493786+00:00 | Debian Oval Importer | Affected by | VCID-7txw-7t76-aaab | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T17:19:34.156944+00:00 | Debian Oval Importer | Affected by | VCID-vm83-ajzg-aaan | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T16:18:27.365454+00:00 | Debian Oval Importer | Affected by | VCID-2gkf-7tg1-aaab | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T06:06:25.387713+00:00 | Debian Oval Importer | Affected by | VCID-vm83-ajzg-aaan | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T05:34:18.490739+00:00 | Debian Oval Importer | Affected by | VCID-7gtb-wvpj-aaaq | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T04:33:34.129866+00:00 | Debian Oval Importer | Affected by | VCID-7txw-7t76-aaab | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T03:56:36.773051+00:00 | Debian Oval Importer | Affected by | VCID-jx8t-94cp-aaas | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T02:05:50.261466+00:00 | Debian Oval Importer | Affected by | VCID-jx8t-94cp-aaas | https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 | 36.0.0 |
| 2025-04-07T17:05:11.865054+00:00 | Debian Oval Importer | Affected by | VCID-7gtb-wvpj-aaaq | None | 36.0.0 |
| 2025-04-07T16:34:15.570981+00:00 | Debian Oval Importer | Affected by | VCID-2gkf-7tg1-aaab | None | 36.0.0 |
| 2025-04-07T16:00:26.315024+00:00 | Debian Oval Importer | Affected by | VCID-vm83-ajzg-aaan | None | 36.0.0 |
| 2025-04-07T14:42:51.186315+00:00 | Debian Oval Importer | Affected by | VCID-7txw-7t76-aaab | None | 36.0.0 |
| 2025-04-07T12:09:29.745966+00:00 | Debian Oval Importer | Affected by | VCID-jx8t-94cp-aaas | None | 36.0.0 |
| 2024-11-28T22:53:04.493305+00:00 | Debian Oval Importer | Affected by | VCID-7gtb-wvpj-aaaq | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 35.0.0 |
| 2024-11-28T22:49:27.501828+00:00 | Debian Oval Importer | Affected by | VCID-2gkf-7tg1-aaab | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 35.0.0 |
| 2024-10-14T07:19:46.002808+00:00 | Debian Oval Importer | Affected by | VCID-7gtb-wvpj-aaaq | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.2 |
| 2024-10-14T07:17:03.481838+00:00 | Debian Oval Importer | Affected by | VCID-2gkf-7tg1-aaab | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.2 |
| 2024-09-21T07:09:44.470443+00:00 | Debian Oval Importer | Affected by | VCID-7gtb-wvpj-aaaq | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.1 |
| 2024-09-21T07:08:52.451291+00:00 | Debian Oval Importer | Affected by | VCID-2gkf-7tg1-aaab | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.1 |