Search for packages
| purl | pkg:deb/debian/flightgear@0.9.10-2 |
| Next non-vulnerable version | 1:2020.3.16+dfsg-1+deb12u1 |
| Latest non-vulnerable version | 1:2020.3.16+dfsg-1+deb12u1 |
| Risk | 4.2 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-1j2q-k2gh-pqdk
Aliases: CVE-2025-0781 |
An attacker can bypass the sandboxing of Nasal scripts and arbitrarily write to any file path that the user has permission to modify at the operating-system level. |
Affected by 0 other vulnerabilities. |
|
VCID-2gkf-7tg1-aaab
Aliases: CVE-2012-2090 |
Multiple format string vulnerabilities in FlightGear 2.6 and earlier and SimGear 2.6 and earlier allow user-assisted remote attackers to cause a denial of service and possibly execute arbitrary code via format string specifiers in certain data chunk values in an aircraft xml model to (1) fgfs/flightgear/src/Cockpit/panel.cxx or (2) fgfs/flightgear/src/Network/generic.cxx, or (3) a scene graph model to simgear/simgear/scene/model/SGText.cxx. |
Affected by 4 other vulnerabilities. |
|
VCID-7gtb-wvpj-aaaq
Aliases: CVE-2012-2091 |
Multiple buffer overflows in FlightGear 2.6 and earlier and SimGear 2.6 and earlier allow user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a (1) long string in a rotor tag of an aircraft xml model to the Rotor::getValueforFGSet function in src/FDM/YASim/Rotor.cpp or (2) a crafted UDP packet to the SGSocketUDP::read function in simgear/simgear/simgear/io/sg_socket_udp.cxx. |
Affected by 4 other vulnerabilities. |
|
VCID-7txw-7t76-aaab
Aliases: CVE-2017-8921 |
In FlightGear before 2017.2.1, the FGCommand interface allows overwriting any file the user has write access to, but not with arbitrary data: only with the contents of a FlightGear flightplan (XML). A resource such as a malicious third-party aircraft could exploit this to damage files belonging to the user. Both this issue and CVE-2016-9956 are directory traversal vulnerabilities in Autopilot/route_mgr.cxx - this one exists because of an incomplete fix for CVE-2016-9956. |
Affected by 2 other vulnerabilities. |
|
VCID-jx8t-94cp-aaas
Aliases: CVE-2016-9956 |
The route manager in FlightGear before 2016.4.4 allows remote attackers to write to arbitrary files via a crafted Nasal script. |
Affected by 4 other vulnerabilities. Affected by 2 other vulnerabilities. |
|
VCID-vm83-ajzg-aaan
Aliases: CVE-2017-13709 |
In FlightGear before version 2017.3.1, Main/logger.cxx in the FGLogger subsystem allows one to overwrite any file via a resource that affects the contents of the global Property Tree. |
Affected by 1 other vulnerability. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-06-21T19:05:58.660631+00:00 | Debian Oval Importer | Affected by | VCID-vm83-ajzg-aaan | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.1.3 |
| 2025-06-21T18:05:18.721672+00:00 | Debian Oval Importer | Affected by | VCID-2gkf-7tg1-aaab | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T14:40:30.030420+00:00 | Debian Oval Importer | Affected by | VCID-vm83-ajzg-aaan | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T14:08:05.939949+00:00 | Debian Oval Importer | Affected by | VCID-7gtb-wvpj-aaaq | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T13:06:44.753070+00:00 | Debian Oval Importer | Affected by | VCID-7txw-7t76-aaab | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T12:23:46.225321+00:00 | Debian Oval Importer | Affected by | VCID-jx8t-94cp-aaas | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T09:49:25.517451+00:00 | Debian Oval Importer | Affected by | VCID-jx8t-94cp-aaas | https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 | 36.1.3 |
| 2025-06-21T01:05:00.943890+00:00 | Debian Oval Importer | Affected by | VCID-7gtb-wvpj-aaaq | None | 36.1.3 |
| 2025-06-21T00:34:44.859107+00:00 | Debian Oval Importer | Affected by | VCID-2gkf-7tg1-aaab | None | 36.1.3 |
| 2025-06-21T00:03:17.875595+00:00 | Debian Oval Importer | Affected by | VCID-vm83-ajzg-aaan | None | 36.1.3 |
| 2025-06-20T22:47:34.044752+00:00 | Debian Oval Importer | Affected by | VCID-7txw-7t76-aaab | None | 36.1.3 |
| 2025-06-20T19:39:55.361899+00:00 | Debian Oval Importer | Affected by | VCID-jx8t-94cp-aaas | None | 36.1.3 |
| 2025-06-08T11:35:05.697542+00:00 | Debian Oval Importer | Affected by | VCID-vm83-ajzg-aaan | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.1.0 |
| 2025-06-08T10:36:56.221681+00:00 | Debian Oval Importer | Affected by | VCID-2gkf-7tg1-aaab | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T07:33:42.305603+00:00 | Debian Oval Importer | Affected by | VCID-vm83-ajzg-aaan | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T07:01:37.444519+00:00 | Debian Oval Importer | Affected by | VCID-7gtb-wvpj-aaaq | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T06:01:37.758133+00:00 | Debian Oval Importer | Affected by | VCID-7txw-7t76-aaab | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T05:25:27.860419+00:00 | Debian Oval Importer | Affected by | VCID-jx8t-94cp-aaas | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T03:38:04.852614+00:00 | Debian Oval Importer | Affected by | VCID-jx8t-94cp-aaas | https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 | 36.1.0 |
| 2025-06-07T18:27:35.189629+00:00 | Debian Oval Importer | Affected by | VCID-7gtb-wvpj-aaaq | None | 36.1.0 |
| 2025-06-07T17:57:22.379907+00:00 | Debian Oval Importer | Affected by | VCID-2gkf-7tg1-aaab | None | 36.1.0 |
| 2025-06-07T17:26:05.574154+00:00 | Debian Oval Importer | Affected by | VCID-vm83-ajzg-aaan | None | 36.1.0 |
| 2025-06-07T16:11:28.384439+00:00 | Debian Oval Importer | Affected by | VCID-7txw-7t76-aaab | None | 36.1.0 |
| 2025-06-07T13:34:03.736930+00:00 | Debian Oval Importer | Affected by | VCID-jx8t-94cp-aaas | None | 36.1.0 |
| 2025-04-13T03:10:21.630099+00:00 | Debian Oval Importer | Affected by | VCID-1j2q-k2gh-pqdk | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T22:36:05.256824+00:00 | Debian Oval Importer | Affected by | VCID-2gkf-7tg1-aaab | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T21:45:02.374541+00:00 | Debian Oval Importer | Affected by | VCID-jx8t-94cp-aaas | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T20:37:36.437973+00:00 | Debian Oval Importer | Affected by | VCID-7gtb-wvpj-aaaq | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T20:00:48.503565+00:00 | Debian Oval Importer | Affected by | VCID-7txw-7t76-aaab | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T17:19:34.166213+00:00 | Debian Oval Importer | Affected by | VCID-vm83-ajzg-aaan | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T16:18:27.375335+00:00 | Debian Oval Importer | Affected by | VCID-2gkf-7tg1-aaab | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T06:06:25.397238+00:00 | Debian Oval Importer | Affected by | VCID-vm83-ajzg-aaan | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T05:34:18.500364+00:00 | Debian Oval Importer | Affected by | VCID-7gtb-wvpj-aaaq | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T04:33:34.139301+00:00 | Debian Oval Importer | Affected by | VCID-7txw-7t76-aaab | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T03:56:36.782954+00:00 | Debian Oval Importer | Affected by | VCID-jx8t-94cp-aaas | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T02:05:50.272220+00:00 | Debian Oval Importer | Affected by | VCID-jx8t-94cp-aaas | https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 | 36.0.0 |
| 2025-04-07T17:05:11.874258+00:00 | Debian Oval Importer | Affected by | VCID-7gtb-wvpj-aaaq | None | 36.0.0 |
| 2025-04-07T16:34:15.580325+00:00 | Debian Oval Importer | Affected by | VCID-2gkf-7tg1-aaab | None | 36.0.0 |
| 2025-04-07T16:00:26.324902+00:00 | Debian Oval Importer | Affected by | VCID-vm83-ajzg-aaan | None | 36.0.0 |
| 2025-04-07T14:42:51.197281+00:00 | Debian Oval Importer | Affected by | VCID-7txw-7t76-aaab | None | 36.0.0 |
| 2025-04-07T12:09:29.756071+00:00 | Debian Oval Importer | Affected by | VCID-jx8t-94cp-aaas | None | 36.0.0 |
| 2024-11-28T22:53:04.504335+00:00 | Debian Oval Importer | Affected by | VCID-7gtb-wvpj-aaaq | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 35.0.0 |
| 2024-11-28T22:49:27.511735+00:00 | Debian Oval Importer | Affected by | VCID-2gkf-7tg1-aaab | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 35.0.0 |
| 2024-10-14T07:19:46.013324+00:00 | Debian Oval Importer | Affected by | VCID-7gtb-wvpj-aaaq | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.2 |
| 2024-10-14T07:17:03.491203+00:00 | Debian Oval Importer | Affected by | VCID-2gkf-7tg1-aaab | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.2 |
| 2024-09-21T07:09:44.481092+00:00 | Debian Oval Importer | Affected by | VCID-7gtb-wvpj-aaaq | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.1 |
| 2024-09-21T07:08:52.463173+00:00 | Debian Oval Importer | Affected by | VCID-2gkf-7tg1-aaab | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.1 |