2 matches found
CVE-2025-12486
CVE-2025-12486 covers a cross-site scripting/remote code execution vulnerability in Heimdall Data Database Proxy. The flaw arises from improper validation of user-supplied data in the handling of database event logs, enabling arbitrary script injection and allowing an attacker to execute code in ...
OESA-2025-2112 aide security update
Security Fixes: A vulnerability was found in AIDE up to 0.19.1 and classified as problematic.Using CWE to declare the problem leads to CWE-117. The product does not neutralize or incorrectly neutralizes output that is written to logs.Impacted is integrity.Upgrading to version 0.19.2 eliminates th...