Advanced Intrusion Detection Environment Project Advanced Intrusion Detection Environment vulnerabilities

CVE-2025-54409 [MEDIUM] CWE-476 CVE-2025-54409: AIDE is an advanced intrusion detection environment. From versions 0.13 to 0.19.1, there is a null p AIDE is an advanced intrusion detection environment. From versions 0.13 to 0.19.1, there is a null pointer dereference vulnerability in AIDE. An attacker can crash the program during report printing or database listing after setting extended file attributes with an empty attribute value or with a key containing a comma. A local user might exploit th

CVE-2025-54389 [MEDIUM] CWE-117 CVE-2025-54389: AIDE is an advanced intrusion detection environment. Prior to version 0.19.2, there is an improper o AIDE is an advanced intrusion detection environment. Prior to version 0.19.2, there is an improper output neutralization vulnerability in AIDE. An attacker can craft a malicious filename by including terminal escape sequences to hide the addition or removal of the file from the report and/or tamper with the log output. A local user might exploit thi

CVE-2021-45417 [HIGH] CWE-787 CVE-2021-45417: AIDE before 0.17.4 allows local users to obtain root privileges via crafted file metadata (such as X AIDE before 0.17.4 allows local users to obtain root privileges via crafted file metadata (such as XFS extended attributes or tmpfs ACLs), because of a heap-based buffer overflow.