Improper Output Neutralization for Logs

Overview org.webjars.npm:morgan is a HTTP request logger middleware for node.js. Affected versions of this package are vulnerable to Improper Output Neutralization for Logs via the :remote-user token, which extracts the Basic auth username from the Authorization header and writes it to the log...

ROS-20260209-73-0017

PowerDNS Recursor DNS server vulnerability is related to failure to take measures to neutralize special elements in the output data. Exploitation of the vulnerability could allow a remote attacker to affect the integrity and availability of protected information...

MiracleLinux 8 : aide-0.16-15.el8_10.2 (AXSA:2025-10798:03)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2025-10798:03 advisory. aide: improper output neutralization enables bypassing CVE-2025-54389 Tenable has extracted the preceding description block directly from the MiracleLinux...

RHEL 8 : aide (RHSA-2025:14981)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:14981 advisory. Advanced Intrusion Detection Environment AIDE is a utility that creates a database of files on the system, and then uses that database to ensure fil...

EulerOS 2.0 SP13 : aide (EulerOS-SA-2025-2492)

According to the versions of the aide package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : AIDE is an advanced intrusion detection environment. Prior to version 0.19.2, there is an improper output neutralization vulnerability in AIDE. An...

IBM Concert 安全漏洞

IBM Concert is a generative artificial intelligence-driven automated application management and monitoring tool based on the watsonx platform released in May 2024 by IBM. IBM Concert suffers from an improper output neutralization vulnerability that can be exploited by an attacker to cause a forge...

UBUNTU-CVE-2025-62697

Improper Neutralization of Special Elements in Output Used by a Downstream Component 'Injection' vulnerability in The Wikimedia Foundation Mediawiki - LanguageSelector Extension allows Code Injection.This issue affects Mediawiki - LanguageSelector Extension: from master before 1.39...

EUVD-2015-1029

Malware in sbrugna...

EUVD-2025-25621

Malicious code in bioql PyPI...

EUVD-2024-16764

Malicious code in bioql PyPI...

EUVD-2022-51392

Malicious code in bioql PyPI...

RLSA-2025:14592 Important: aide security update

Advanced Intrusion Detection Environment AIDE is a utility that creates a database of files on the system, and then uses that database to ensure file integrity and detect system intrusions. Security Fixes: aide: improper output neutralization enables bypassing CVE-2025-54389 For more details abou...

SUSE-SU-2025:20754-1 Security update for aide

This update for aide fixes the following issues: - CVE-2025-54389: Fixed improper output neutralization bsc1247884 - CVE-2025-54409: Fixed null pointer dereference after reading incorrectly encoded xattr attributes from database bsc1247885...

Security update for aide

This update for aide fixes the following issues: CVE-2025-54389: Fixed improper output neutralization bsc1247884 CVE-2025-54409: Fixed null pointer dereference after reading incorrectly encoded xattr attributes from database bsc1247885 Patch Instructions: To install this SUSE update use the SUSE...

Important: Red Hat Security Advisory: aide security update

An update for aide is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

RHEL 7 : aide (RHSA-2025:15728)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:15728 advisory. Advanced Intrusion Detection Environment AIDE is a utility that creates a database of files on the system, and then uses that database to ensure fil...

AIDE improper output neutralization vulnerability

...

aide: improper output neutralization enables bypassing

A flaw was found in AIDE. This flaw allows an attacker to craft a malicious filename by including terminal escape sequences to hide the addition or removal of the file from the report and tamper with the log output. A local user may exploit this to bypass AIDE's detection of malicious files...

Important: Red Hat Security Advisory: aide security update

An update for aide is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability...

Important: Red Hat Security Advisory: aide security update

An update for aide is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...