Search for packages
| purl | pkg:deb/debian/flightgear@0.9.6-1 |
| Next non-vulnerable version | 1:2020.3.16+dfsg-1+deb12u1 |
| Latest non-vulnerable version | 1:2020.3.16+dfsg-1+deb12u1 |
| Risk | 4.2 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-1j2q-k2gh-pqdk
Aliases: CVE-2025-0781 |
An attacker can bypass the sandboxing of Nasal scripts and arbitrarily write to any file path that the user has permission to modify at the operating-system level. |
Affected by 0 other vulnerabilities. |
|
VCID-2gkf-7tg1-aaab
Aliases: CVE-2012-2090 |
Multiple format string vulnerabilities in FlightGear 2.6 and earlier and SimGear 2.6 and earlier allow user-assisted remote attackers to cause a denial of service and possibly execute arbitrary code via format string specifiers in certain data chunk values in an aircraft xml model to (1) fgfs/flightgear/src/Cockpit/panel.cxx or (2) fgfs/flightgear/src/Network/generic.cxx, or (3) a scene graph model to simgear/simgear/scene/model/SGText.cxx. |
Affected by 4 other vulnerabilities. |
|
VCID-7gtb-wvpj-aaaq
Aliases: CVE-2012-2091 |
Multiple buffer overflows in FlightGear 2.6 and earlier and SimGear 2.6 and earlier allow user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a (1) long string in a rotor tag of an aircraft xml model to the Rotor::getValueforFGSet function in src/FDM/YASim/Rotor.cpp or (2) a crafted UDP packet to the SGSocketUDP::read function in simgear/simgear/simgear/io/sg_socket_udp.cxx. |
Affected by 4 other vulnerabilities. |
|
VCID-7txw-7t76-aaab
Aliases: CVE-2017-8921 |
In FlightGear before 2017.2.1, the FGCommand interface allows overwriting any file the user has write access to, but not with arbitrary data: only with the contents of a FlightGear flightplan (XML). A resource such as a malicious third-party aircraft could exploit this to damage files belonging to the user. Both this issue and CVE-2016-9956 are directory traversal vulnerabilities in Autopilot/route_mgr.cxx - this one exists because of an incomplete fix for CVE-2016-9956. |
Affected by 2 other vulnerabilities. |
|
VCID-jx8t-94cp-aaas
Aliases: CVE-2016-9956 |
The route manager in FlightGear before 2016.4.4 allows remote attackers to write to arbitrary files via a crafted Nasal script. |
Affected by 4 other vulnerabilities. Affected by 2 other vulnerabilities. |
|
VCID-vm83-ajzg-aaan
Aliases: CVE-2017-13709 |
In FlightGear before version 2017.3.1, Main/logger.cxx in the FGLogger subsystem allows one to overwrite any file via a resource that affects the contents of the global Property Tree. |
Affected by 1 other vulnerability. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-06-21T19:05:58.658715+00:00 | Debian Oval Importer | Affected by | VCID-vm83-ajzg-aaan | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.1.3 |
| 2025-06-21T18:05:18.719645+00:00 | Debian Oval Importer | Affected by | VCID-2gkf-7tg1-aaab | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T14:40:30.028247+00:00 | Debian Oval Importer | Affected by | VCID-vm83-ajzg-aaan | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T14:08:05.937945+00:00 | Debian Oval Importer | Affected by | VCID-7gtb-wvpj-aaaq | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T13:06:44.750017+00:00 | Debian Oval Importer | Affected by | VCID-7txw-7t76-aaab | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T12:23:46.222845+00:00 | Debian Oval Importer | Affected by | VCID-jx8t-94cp-aaas | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T09:49:25.515037+00:00 | Debian Oval Importer | Affected by | VCID-jx8t-94cp-aaas | https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 | 36.1.3 |
| 2025-06-21T01:05:00.942109+00:00 | Debian Oval Importer | Affected by | VCID-7gtb-wvpj-aaaq | None | 36.1.3 |
| 2025-06-21T00:34:44.857120+00:00 | Debian Oval Importer | Affected by | VCID-2gkf-7tg1-aaab | None | 36.1.3 |
| 2025-06-21T00:03:17.873099+00:00 | Debian Oval Importer | Affected by | VCID-vm83-ajzg-aaan | None | 36.1.3 |
| 2025-06-20T22:47:34.042619+00:00 | Debian Oval Importer | Affected by | VCID-7txw-7t76-aaab | None | 36.1.3 |
| 2025-06-20T19:39:55.359553+00:00 | Debian Oval Importer | Affected by | VCID-jx8t-94cp-aaas | None | 36.1.3 |
| 2025-06-08T11:35:05.696024+00:00 | Debian Oval Importer | Affected by | VCID-vm83-ajzg-aaan | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.1.0 |
| 2025-06-08T10:36:56.219921+00:00 | Debian Oval Importer | Affected by | VCID-2gkf-7tg1-aaab | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T07:33:42.304011+00:00 | Debian Oval Importer | Affected by | VCID-vm83-ajzg-aaan | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T07:01:37.442724+00:00 | Debian Oval Importer | Affected by | VCID-7gtb-wvpj-aaaq | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T06:01:37.756527+00:00 | Debian Oval Importer | Affected by | VCID-7txw-7t76-aaab | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T05:25:27.858870+00:00 | Debian Oval Importer | Affected by | VCID-jx8t-94cp-aaas | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T03:38:04.850831+00:00 | Debian Oval Importer | Affected by | VCID-jx8t-94cp-aaas | https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 | 36.1.0 |
| 2025-06-07T18:27:35.188097+00:00 | Debian Oval Importer | Affected by | VCID-7gtb-wvpj-aaaq | None | 36.1.0 |
| 2025-06-07T17:57:22.378356+00:00 | Debian Oval Importer | Affected by | VCID-2gkf-7tg1-aaab | None | 36.1.0 |
| 2025-06-07T17:26:05.572638+00:00 | Debian Oval Importer | Affected by | VCID-vm83-ajzg-aaan | None | 36.1.0 |
| 2025-06-07T16:11:28.382620+00:00 | Debian Oval Importer | Affected by | VCID-7txw-7t76-aaab | None | 36.1.0 |
| 2025-06-07T13:34:03.734605+00:00 | Debian Oval Importer | Affected by | VCID-jx8t-94cp-aaas | None | 36.1.0 |
| 2025-04-13T03:10:21.624669+00:00 | Debian Oval Importer | Affected by | VCID-1j2q-k2gh-pqdk | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T22:36:05.252155+00:00 | Debian Oval Importer | Affected by | VCID-2gkf-7tg1-aaab | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T21:45:02.369457+00:00 | Debian Oval Importer | Affected by | VCID-jx8t-94cp-aaas | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T20:37:36.432630+00:00 | Debian Oval Importer | Affected by | VCID-7gtb-wvpj-aaaq | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T20:00:48.498749+00:00 | Debian Oval Importer | Affected by | VCID-7txw-7t76-aaab | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T17:19:34.161376+00:00 | Debian Oval Importer | Affected by | VCID-vm83-ajzg-aaan | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T16:18:27.370430+00:00 | Debian Oval Importer | Affected by | VCID-2gkf-7tg1-aaab | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T06:06:25.392398+00:00 | Debian Oval Importer | Affected by | VCID-vm83-ajzg-aaan | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T05:34:18.495360+00:00 | Debian Oval Importer | Affected by | VCID-7gtb-wvpj-aaaq | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T04:33:34.134281+00:00 | Debian Oval Importer | Affected by | VCID-7txw-7t76-aaab | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T03:56:36.777992+00:00 | Debian Oval Importer | Affected by | VCID-jx8t-94cp-aaas | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T02:05:50.267039+00:00 | Debian Oval Importer | Affected by | VCID-jx8t-94cp-aaas | https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 | 36.0.0 |
| 2025-04-07T17:05:11.869461+00:00 | Debian Oval Importer | Affected by | VCID-7gtb-wvpj-aaaq | None | 36.0.0 |
| 2025-04-07T16:34:15.575351+00:00 | Debian Oval Importer | Affected by | VCID-2gkf-7tg1-aaab | None | 36.0.0 |
| 2025-04-07T16:00:26.319633+00:00 | Debian Oval Importer | Affected by | VCID-vm83-ajzg-aaan | None | 36.0.0 |
| 2025-04-07T14:42:51.191928+00:00 | Debian Oval Importer | Affected by | VCID-7txw-7t76-aaab | None | 36.0.0 |
| 2025-04-07T12:09:29.750716+00:00 | Debian Oval Importer | Affected by | VCID-jx8t-94cp-aaas | None | 36.0.0 |
| 2024-11-28T22:53:04.498397+00:00 | Debian Oval Importer | Affected by | VCID-7gtb-wvpj-aaaq | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 35.0.0 |
| 2024-11-28T22:49:27.506822+00:00 | Debian Oval Importer | Affected by | VCID-2gkf-7tg1-aaab | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 35.0.0 |
| 2024-10-14T07:19:46.008415+00:00 | Debian Oval Importer | Affected by | VCID-7gtb-wvpj-aaaq | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.2 |
| 2024-10-14T07:17:03.486238+00:00 | Debian Oval Importer | Affected by | VCID-2gkf-7tg1-aaab | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.2 |
| 2024-09-21T07:09:44.475846+00:00 | Debian Oval Importer | Affected by | VCID-7gtb-wvpj-aaaq | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.1 |
| 2024-09-21T07:08:52.456981+00:00 | Debian Oval Importer | Affected by | VCID-2gkf-7tg1-aaab | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.1 |