CVE-2026-6542 Monitor API allows cross-user read of transaction logs and deletion of build data via flow_id

IBM Langflow OSS 1.0.0 through 1.8.4 could allow any user to supply a flowid to read transaction logs and vertex build data belonging to other users, and to delete persisted vertex build data for another user's flow...

EUVD-2026-26447

IBM Langflow OSS 1.0.0 through 1.8.4 could allow any user to supply a flowid to read transaction logs and vertex build data belonging to other users, and to delete persisted vertex build data for another user's flow...

CVE-2026-6542

IBM Langflow OSS 1.0.0 through 1.8.4 could allow any user to supply a flowid to read transaction logs and vertex build data belonging to other users, and to delete persisted vertex build data for another user's flow...

Security Bulletin: Monitor API allows cross-user read of transaction logs and deletion of build data via flow_id

Summary Langflow OSS is affected by an insecure direct object reference vulnerability in its Monitor API due to missing authorization checks. Although these endpoints require authentication, they fail to verify ownership of the provided flowid, allowing any authenticated user to access or...

CVE-2020-12023

Philips IntelliBridge Enterprise IBE, Versions B.12 and prior, IntelliBridge Enterprise system integration with SureSigns VS4, EarlyVue VS30 and IntelliVue Guardian IGS. Unencrypted user credentials received in the IntelliBridge Enterprise IBE are logged within the transaction logs, which are...

EUVD-2020-4339

Malware in sbrugna...

ETrace:Event-Driven Vulnerability Detection in Smart Contracts Via LLM-Based Trace Analysis

With the advance application of blockchain technology in various fields, ensuring the security and stability of smart contracts has emerged as a critical challenge. Current security analysis methodologies in vulnerability detection can be categorized into static analysis and dynamic analysis...

CVE-2024-12329

The Essential Real Estate plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on several pages/post types in all versions up to, and including, 5.1.6. This makes it possible for authenticated attackers, with Contributor-level access and above, to...

CVE-2024-9865

The EventPrime – Events Calendar, Bookings and Tickets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘epbookingattendeefields’ fields in all versions up to, and including, 4.0.4.7 due to insufficient input sanitization and output escaping. This makes it possible for...

CVE-2020-12023

Philips IntelliBridge Enterprise IBE, Versions B.12 and prior, IntelliBridge Enterprise system integration with SureSigns VS4, EarlyVue VS30 and IntelliVue Guardian IGS. Unencrypted user credentials received in the IntelliBridge Enterprise IBE are logged within the transaction logs, which are...

CVE-2020-12023

Philips IntelliBridge Enterprise IBE, Versions B.12 and prior, IntelliBridge Enterprise system integration with SureSigns VS4, EarlyVue VS30 and IntelliVue Guardian IGS. Unencrypted user credentials received in the IntelliBridge Enterprise IBE are logged within the transaction logs, which are...

Code injection

Philips IntelliBridge Enterprise IBE, Versions B.12 and prior, IntelliBridge Enterprise system integration with SureSigns VS4, EarlyVue VS30 and IntelliVue Guardian IGS. Unencrypted user credentials received in the IntelliBridge Enterprise IBE are logged within the transaction logs, which are...

CVE-2020-12023 Philips IntelliBridge Enterprise IBE Insertion of Sensitive Information into Log File

Philips IntelliBridge Enterprise IBE, Versions B.12 and prior, IntelliBridge Enterprise system integration with SureSigns VS4, EarlyVue VS30 and IntelliVue Guardian IGS. Unencrypted user credentials received in the IntelliBridge Enterprise IBE are logged within the transaction logs, which are...

PT-2020-12991 · Philips · Earlyvue +3

Name of the Vulnerable Software and Affected Versions: Philips IntelliBridge Enterprise IBE versions B.12 and prior Description: The issue concerns the logging of unencrypted user credentials within the transaction logs of the IntelliBridge Enterprise system. These logs are secured behind a...

Regipy - An OS Independent Python Library For Parsing Offline Registry Hives

Regipy is a python library for parsing offline registry hives. regipy has a lot of capabilities: Use as a library: Recurse over the registry hive, from root or a given path and get all subkeys and values Read specific subkeys and values Apply transaction logs on a registry hive Command Line Tools...

Digging Up the Past: Windows Registry Forensics Revisited

ARCHIVED STORY Digging Up the Past: Windows Registry Forensics Revisited By David Via · Jan 08, 2019 Introduction FireEye consultants frequently utilize Windows registry data when performing forensic analysis of computer networks as part of incident response and compromise assessment missions. Th...

Event ID 9782 is thrown after successful backup

Challenge During Exchange 2010 application aware backup with "Copy only" option enabled you notice following events in Application event log on Exchange server: Log Name: Application Source: MSExchangeIS Date: 5/10/2018 5:38:39 PM Event ID: 9782 Task Category: Exchange VSS Writer Level: Error...

No Transaction Logs Truncated After Backup of Exchange DAG Passive Node

Article Applicability This article documents a niche issue caused by changes being made to the Exchange configuration. Challenge This article is specific to a scenario where all of the following are true: Microsoft Exchange transaction logs are not truncated after the backup completes. The...

VeeamONE SQL Database Log File (ldf) Growth

Challenge The transaction log file .ldf for the Veeam ONE configuration database VeeamONE consumes an unexpectedly large amount of disk space. Cause This occurs when the Recovery Model of the VeeamONE configuration database is set to Full or Bulk-Logged. Note: By deafult, Veeam ONE expects and...

Release Information for Veeam Backup & Replication 7 Patch 4

More Recent Version Available Please find the latest version of Veeam Backup & Replication here: Veeam Downloads - Latest Version Challenge Veeam Backup & Replication Patch 4 Release Notes Cause Please confirm you are running version 7.0.0.690, 7.0.0.715, 7.0.0.764, 7.0.0.771, 7.0.0.833, 7.0.0.83...