Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

simgear

Source -

NVD

CNA CVEs -

0

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

3
Related CVEsRelated VendorsRelated AssignersReports
3Vulnerabilities found
CVE-2025-0781
Assigner-GitLab Inc.
ShareView Details
Assigner-GitLab Inc.
CVSS Score-8.6||HIGH
EPSS-0.06% / 20.19%
||
7 Day CHG+0.01%
Published-28 Jan, 2025 | 16:34
Updated-06 Aug, 2025 | 19:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Incorrect Authorization in SimGear

An attacker can bypass the sandboxing of Nasal scripts and arbitrarily write to any file path that the user has permission to modify at the operating-system level.

Action-Not Available
Vendor-flightgearFlightGearDebian GNU/Linux
Product-simgeardebian_linuxSimGear
CWE ID-CWE-863
Incorrect Authorization
CVE-2012-2090
Assigner-Red Hat, Inc.
ShareView Details
Assigner-Red Hat, Inc.
CVSS Score-9.3||HIGH
EPSS-7.47% / 91.40%
||
7 Day CHG~0.00%
Published-17 Jun, 2012 | 01:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple format string vulnerabilities in FlightGear 2.6 and earlier and SimGear 2.6 and earlier allow user-assisted remote attackers to cause a denial of service and possibly execute arbitrary code via format string specifiers in certain data chunk values in an aircraft xml model to (1) fgfs/flightgear/src/Cockpit/panel.cxx or (2) fgfs/flightgear/src/Network/generic.cxx, or (3) a scene graph model to simgear/simgear/scene/model/SGText.cxx.

Action-Not Available
Vendor-simgearflightgearn/a
Product-flightgearsimgearn/a
CWE ID-CWE-134
Use of Externally-Controlled Format String
CVE-2012-2091
Assigner-Red Hat, Inc.
ShareView Details
Assigner-Red Hat, Inc.
CVSS Score-9.3||HIGH
EPSS-9.04% / 92.30%
||
7 Day CHG~0.00%
Published-17 Jun, 2012 | 01:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple buffer overflows in FlightGear 2.6 and earlier and SimGear 2.6 and earlier allow user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a (1) long string in a rotor tag of an aircraft xml model to the Rotor::getValueforFGSet function in src/FDM/YASim/Rotor.cpp or (2) a crafted UDP packet to the SGSocketUDP::read function in simgear/simgear/simgear/io/sg_socket_udp.cxx.

Action-Not Available
Vendor-simgearflightgearn/a
Product-flightgearsimgearn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer