Search for packages
| purl | pkg:deb/debian/flightgear@1.0.0-3 |
| Next non-vulnerable version | 1:2020.3.16+dfsg-1+deb12u1 |
| Latest non-vulnerable version | 1:2020.3.16+dfsg-1+deb12u1 |
| Risk | 4.2 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-1j2q-k2gh-pqdk
Aliases: CVE-2025-0781 |
An attacker can bypass the sandboxing of Nasal scripts and arbitrarily write to any file path that the user has permission to modify at the operating-system level. |
Affected by 0 other vulnerabilities. |
|
VCID-2gkf-7tg1-aaab
Aliases: CVE-2012-2090 |
Multiple format string vulnerabilities in FlightGear 2.6 and earlier and SimGear 2.6 and earlier allow user-assisted remote attackers to cause a denial of service and possibly execute arbitrary code via format string specifiers in certain data chunk values in an aircraft xml model to (1) fgfs/flightgear/src/Cockpit/panel.cxx or (2) fgfs/flightgear/src/Network/generic.cxx, or (3) a scene graph model to simgear/simgear/scene/model/SGText.cxx. |
Affected by 4 other vulnerabilities. |
|
VCID-7gtb-wvpj-aaaq
Aliases: CVE-2012-2091 |
Multiple buffer overflows in FlightGear 2.6 and earlier and SimGear 2.6 and earlier allow user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a (1) long string in a rotor tag of an aircraft xml model to the Rotor::getValueforFGSet function in src/FDM/YASim/Rotor.cpp or (2) a crafted UDP packet to the SGSocketUDP::read function in simgear/simgear/simgear/io/sg_socket_udp.cxx. |
Affected by 4 other vulnerabilities. |
|
VCID-7txw-7t76-aaab
Aliases: CVE-2017-8921 |
In FlightGear before 2017.2.1, the FGCommand interface allows overwriting any file the user has write access to, but not with arbitrary data: only with the contents of a FlightGear flightplan (XML). A resource such as a malicious third-party aircraft could exploit this to damage files belonging to the user. Both this issue and CVE-2016-9956 are directory traversal vulnerabilities in Autopilot/route_mgr.cxx - this one exists because of an incomplete fix for CVE-2016-9956. |
Affected by 2 other vulnerabilities. |
|
VCID-jx8t-94cp-aaas
Aliases: CVE-2016-9956 |
The route manager in FlightGear before 2016.4.4 allows remote attackers to write to arbitrary files via a crafted Nasal script. |
Affected by 4 other vulnerabilities. Affected by 2 other vulnerabilities. |
|
VCID-vm83-ajzg-aaan
Aliases: CVE-2017-13709 |
In FlightGear before version 2017.3.1, Main/logger.cxx in the FGLogger subsystem allows one to overwrite any file via a resource that affects the contents of the global Property Tree. |
Affected by 1 other vulnerability. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-06-21T19:05:58.662498+00:00 | Debian Oval Importer | Affected by | VCID-vm83-ajzg-aaan | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.1.3 |
| 2025-06-21T18:05:18.723591+00:00 | Debian Oval Importer | Affected by | VCID-2gkf-7tg1-aaab | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T14:40:30.032498+00:00 | Debian Oval Importer | Affected by | VCID-vm83-ajzg-aaan | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T14:08:05.941921+00:00 | Debian Oval Importer | Affected by | VCID-7gtb-wvpj-aaaq | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T13:06:44.755359+00:00 | Debian Oval Importer | Affected by | VCID-7txw-7t76-aaab | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T12:23:46.227690+00:00 | Debian Oval Importer | Affected by | VCID-jx8t-94cp-aaas | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T09:49:25.519723+00:00 | Debian Oval Importer | Affected by | VCID-jx8t-94cp-aaas | https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 | 36.1.3 |
| 2025-06-21T01:05:00.945773+00:00 | Debian Oval Importer | Affected by | VCID-7gtb-wvpj-aaaq | None | 36.1.3 |
| 2025-06-21T00:34:44.861001+00:00 | Debian Oval Importer | Affected by | VCID-2gkf-7tg1-aaab | None | 36.1.3 |
| 2025-06-21T00:03:17.877464+00:00 | Debian Oval Importer | Affected by | VCID-vm83-ajzg-aaan | None | 36.1.3 |
| 2025-06-20T22:47:34.046893+00:00 | Debian Oval Importer | Affected by | VCID-7txw-7t76-aaab | None | 36.1.3 |
| 2025-06-20T19:39:55.363859+00:00 | Debian Oval Importer | Affected by | VCID-jx8t-94cp-aaas | None | 36.1.3 |
| 2025-06-08T11:35:05.699036+00:00 | Debian Oval Importer | Affected by | VCID-vm83-ajzg-aaan | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.1.0 |
| 2025-06-08T10:36:56.223493+00:00 | Debian Oval Importer | Affected by | VCID-2gkf-7tg1-aaab | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T07:33:42.307142+00:00 | Debian Oval Importer | Affected by | VCID-vm83-ajzg-aaan | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T07:01:37.446304+00:00 | Debian Oval Importer | Affected by | VCID-7gtb-wvpj-aaaq | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T06:01:37.760296+00:00 | Debian Oval Importer | Affected by | VCID-7txw-7t76-aaab | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T05:25:27.861927+00:00 | Debian Oval Importer | Affected by | VCID-jx8t-94cp-aaas | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T03:38:04.854223+00:00 | Debian Oval Importer | Affected by | VCID-jx8t-94cp-aaas | https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 | 36.1.0 |
| 2025-06-07T18:27:35.191142+00:00 | Debian Oval Importer | Affected by | VCID-7gtb-wvpj-aaaq | None | 36.1.0 |
| 2025-06-07T17:57:22.381760+00:00 | Debian Oval Importer | Affected by | VCID-2gkf-7tg1-aaab | None | 36.1.0 |
| 2025-06-07T17:26:05.575674+00:00 | Debian Oval Importer | Affected by | VCID-vm83-ajzg-aaan | None | 36.1.0 |
| 2025-06-07T16:11:28.386257+00:00 | Debian Oval Importer | Affected by | VCID-7txw-7t76-aaab | None | 36.1.0 |
| 2025-06-07T13:34:03.739695+00:00 | Debian Oval Importer | Affected by | VCID-jx8t-94cp-aaas | None | 36.1.0 |
| 2025-04-13T03:10:21.635496+00:00 | Debian Oval Importer | Affected by | VCID-1j2q-k2gh-pqdk | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T22:36:05.262039+00:00 | Debian Oval Importer | Affected by | VCID-2gkf-7tg1-aaab | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T21:45:02.379374+00:00 | Debian Oval Importer | Affected by | VCID-jx8t-94cp-aaas | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T20:37:36.442982+00:00 | Debian Oval Importer | Affected by | VCID-7gtb-wvpj-aaaq | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T20:00:48.508496+00:00 | Debian Oval Importer | Affected by | VCID-7txw-7t76-aaab | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T17:19:34.171314+00:00 | Debian Oval Importer | Affected by | VCID-vm83-ajzg-aaan | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T16:18:27.380271+00:00 | Debian Oval Importer | Affected by | VCID-2gkf-7tg1-aaab | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T06:06:25.402090+00:00 | Debian Oval Importer | Affected by | VCID-vm83-ajzg-aaan | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T05:34:18.505427+00:00 | Debian Oval Importer | Affected by | VCID-7gtb-wvpj-aaaq | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T04:33:34.144176+00:00 | Debian Oval Importer | Affected by | VCID-7txw-7t76-aaab | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T03:56:36.787965+00:00 | Debian Oval Importer | Affected by | VCID-jx8t-94cp-aaas | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T02:05:50.277576+00:00 | Debian Oval Importer | Affected by | VCID-jx8t-94cp-aaas | https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 | 36.0.0 |
| 2025-04-07T17:05:11.879158+00:00 | Debian Oval Importer | Affected by | VCID-7gtb-wvpj-aaaq | None | 36.0.0 |
| 2025-04-07T16:34:15.585249+00:00 | Debian Oval Importer | Affected by | VCID-2gkf-7tg1-aaab | None | 36.0.0 |
| 2025-04-07T16:00:26.330307+00:00 | Debian Oval Importer | Affected by | VCID-vm83-ajzg-aaan | None | 36.0.0 |
| 2025-04-07T14:42:51.203001+00:00 | Debian Oval Importer | Affected by | VCID-7txw-7t76-aaab | None | 36.0.0 |
| 2025-04-07T12:09:29.761384+00:00 | Debian Oval Importer | Affected by | VCID-jx8t-94cp-aaas | None | 36.0.0 |
| 2024-11-28T22:53:04.510877+00:00 | Debian Oval Importer | Affected by | VCID-7gtb-wvpj-aaaq | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 35.0.0 |
| 2024-11-28T22:49:27.516778+00:00 | Debian Oval Importer | Affected by | VCID-2gkf-7tg1-aaab | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 35.0.0 |
| 2024-10-14T07:19:46.018026+00:00 | Debian Oval Importer | Affected by | VCID-7gtb-wvpj-aaaq | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.2 |
| 2024-10-14T07:17:03.495985+00:00 | Debian Oval Importer | Affected by | VCID-2gkf-7tg1-aaab | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.2 |
| 2024-09-21T07:09:44.486387+00:00 | Debian Oval Importer | Affected by | VCID-7gtb-wvpj-aaaq | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.1 |
| 2024-09-21T07:08:52.469458+00:00 | Debian Oval Importer | Affected by | VCID-2gkf-7tg1-aaab | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.1 |