Important: Red Hat Security Advisory: aide security update

An update for aide is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability...

Linux Distros Unpatched Vulnerability : CVE-2025-54389

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - AIDE is an advanced intrusion detection environment. Prior to version 0.19.2, there is an improper output neutralization vulnerability in AIDE. An attacker can...

AlmaLinux 9 : aide (ALSA-2025:14493)

The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2025:14493 advisory. aide: improper output neutralization enables bypassing CVE-2025-54389 Tenable has extracted the preceding description block directly from the AlmaLinux security...

Important: Red Hat Security Advisory: aide security update

An update for aide is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

Important: Red Hat Security Advisory: aide security update

An update for aide is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

Oracle Linux 8 : aide (ELSA-2025-14573)

The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2025-14573 advisory. 0.16.15.2 - CVE-2025-54389 aide: improper output neutralization enables bypassing resolves: RHEL-109907 Tenable has extracted the preceding description block...

aide security update

0.16.15.2 - CVE-2025-54389 aide: improper output neutralization enables bypassing resolves: RHEL-109907...

ALSA-2025:14592 Important: aide security update

Advanced Intrusion Detection Environment AIDE is a utility that creates a database of files on the system, and then uses that database to ensure file integrity and detect system intrusions. Security Fixes: aide: improper output neutralization enables bypassing CVE-2025-54389 For more details abou...

Important: aide security update

Advanced Intrusion Detection Environment AIDE is a utility that creates a database of files on the system, and then uses that database to ensure file integrity and detect system intrusions. Security Fixes: aide: improper output neutralization enables bypassing CVE-2025-54389 For more details abou...

ALSA-2025:14573 Important: aide security update

Advanced Intrusion Detection Environment AIDE is a utility that creates a database of files on the system, and then uses that database to ensure file integrity and detect system intrusions. Security Fixes: aide: improper output neutralization enables bypassing CVE-2025-54389 For more details abou...

RHEL 8 : aide (RHSA-2025:14573)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:14573 advisory. Advanced Intrusion Detection Environment AIDE is a utility that creates a database of files on the system, and then uses that database to ensure fil...

RHEL 10 : aide (RHSA-2025:14592)

The remote Redhat Enterprise Linux 10 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:14592 advisory. Advanced Intrusion Detection Environment AIDE is a utility that creates a database of files on the system, and then uses that database to ensure fi...

SUSE CVE-2025-54813

Improper Output Neutralization for Logs vulnerability in Apache Log4cxx. When using JSONLayout, not all payload bytes are properly escaped. If an attacker-supplied message contains certain non-printable characters, these will be passed along in the message and written out as part of the JSON...

Important: Red Hat Security Advisory: aide security update

An update for aide is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

ALSA-2025:14493 Important: aide security update

Advanced Intrusion Detection Environment AIDE is a utility that creates a database of files on the system, and then uses that database to ensure file integrity and detect system intrusions. Security Fixes: aide: improper output neutralization enables bypassing CVE-2025-54389 For more details abou...

Important: aide security update

Advanced Intrusion Detection Environment AIDE is a utility that creates a database of files on the system, and then uses that database to ensure file integrity and detect system intrusions. Security Fixes: aide: improper output neutralization enables bypassing CVE-2025-54389 For more details abou...

RHEL 9 : aide (RHSA-2025:14493)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:14493 advisory. Advanced Intrusion Detection Environment AIDE is a utility that creates a database of files on the system, and then uses that database to ensure fil...

Oracle Linux 9 : aide (ELSA-2025-14493)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2025-14493 advisory. 0.16-103.2 RHEL 9.6.Z ERRATUM - CVE-2025-54389 aide: improper output neutralization enables bypassing Resolves: RHEL-109910 Tenable has extracted the preceding...

CVE-2025-54812

A flaw was found in log4cxx. When using HTMLLayout, logger names are not properly escaped. This vulnerability allows an attacker to provide untrusted data as a logger name to inject arbitrary HTML content into log output files. This issue can lead to cross-site scripting vulnerabilities if the HT...

CVE-2025-54813

A flaw was found in apache-log4cxx. When utilizing JSONLayout, the component fails to properly escape certain payload bytes, allowing attacker-supplied messages containing specific non-printable characters to be passed through unescaped. This allows an attacker to inject arbitrary data into log...