Debian Simgear vulnerabilities

5 known vulnerabilities affecting debian/simgear.

Total CVEs

5

CISA KEV

0

Public exploits

0

Exploited in wild

0

Severity breakdown

HIGH1LOW4

Vulnerabilities

Page 1 of 1

CVE-2025-0781HIGHCVSS 8.6fixed in flightgear 1:2020.3.16+dfsg-1+deb12u1 (bookworm)2025

CVE-2025-0781 [HIGH] CVE-2025-0781: flightgear - An attacker can bypass the sandboxing of Nasal scripts and arbitrarily write to ... An attacker can bypass the sandboxing of Nasal scripts and arbitrarily write to any file path that the user has permission to modify at the operating-system level. Scope: local bookworm: resolved (fixed in 1:2020.3.16+dfsg-1+deb12u1) bullseye: resolved (fixed in 1:2020.3.6+dfsg-1+deb11u1) forky: resolved (fixed in 1:2020.3.19+dfsg-1) sid: resolved (fixed in 1:2020.

CVE-2012-2091LOWCVSS 9.3fixed in flightgear 2.6.0-1.1 (bookworm)2012

CVE-2012-2091 [CRITICAL] CVE-2012-2091: flightgear - Multiple buffer overflows in FlightGear 2.6 and earlier and SimGear 2.6 and earl... Multiple buffer overflows in FlightGear 2.6 and earlier and SimGear 2.6 and earlier allow user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a (1) long string in a rotor tag of an aircraft xml model to the Rotor::getValueforFGSet function in src/FDM/YASim/Rotor.cpp or (2) a crafted UDP packet to the SGSoc

CVE-2012-2090LOWCVSS 9.3fixed in flightgear 2.6.0-1.1 (bookworm)2012

CVE-2012-2090 [CRITICAL] CVE-2012-2090: flightgear - Multiple format string vulnerabilities in FlightGear 2.6 and earlier and SimGear... Multiple format string vulnerabilities in FlightGear 2.6 and earlier and SimGear 2.6 and earlier allow user-assisted remote attackers to cause a denial of service and possibly execute arbitrary code via format string specifiers in certain data chunk values in an aircraft xml model to (1) fgfs/flightgear/src/Cockpit/panel.cxx or (2) fgfs/flightgear/src/Network/g

CVE-2009-3720LOWCVSS 5.0fixed in audacity 1.3.2-1 (bookworm)2009

CVE-2009-3720 [MEDIUM] CVE-2009-3720: audacity - The updatePosition function in lib/xmltok_impl.c in libexpat in Expat 2.0.1, as ... The updatePosition function in lib/xmltok_impl.c in libexpat in Expat 2.0.1, as used in Python, PyXML, w3c-libwww, and other software, allows context-dependent attackers to cause a denial of service (application crash) via an XML document with crafted UTF-8 sequences that trigger a buffer over-read, a different vulnerability than CVE-2009-2625. Scope: local bookwor

CVE-2009-3560LOWCVSS 5.0fixed in audacity 1.3.2-1 (bookworm)2009

CVE-2009-3560 [MEDIUM] CVE-2009-3560: audacity - The big2_toUtf8 function in lib/xmltok.c in libexpat in Expat 2.0.1, as used in ... The big2_toUtf8 function in lib/xmltok.c in libexpat in Expat 2.0.1, as used in the XML-Twig module for Perl, allows context-dependent attackers to cause a denial of service (application crash) via an XML document with malformed UTF-8 sequences that trigger a buffer over-read, related to the doProlog function in lib/xmlparse.c, a different vulnerability than CVE-20