75 matches found
better-auth-cloudflare (=0.1.0), next-ai-draw-io (=0.4.10) potentially affected by CVE-2025-6087 +1 more via @opennextjs/cloudflare (>=1.0.1 <=1.14.8)
@opennextjs/cloudflare NPM version =1.0.1, =1.14.8 is affected by a known vulnerability. The following packages have a transitive dependency on @opennextjs/cloudflare and may be impacted:
- better-auth-cloudflare =0.1.0
- next-ai-draw-io =0.4.10

Source cves: CVE-2025-6087, CVE-2026-3125 Source...
Linux Distros Unpatched Vulnerability : CVE-2018-6087
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free in WebAssembly in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML...
@basemachina/ai-csv-editor (>=0.1.0 <=0.2.1), @edgebasejs/admin-console (=0.1.0) +13 more potentially affected by CVE-2025-6087 +1 more via @opennextjs/cloudflare (>=1.0.1 <=1.19.8)
@opennextjs/cloudflare NPM version =1.0.1, =0.1.0, =0.1.4, =0.1.0, =0.1.0, =0.1.0, =0.0.694, =0.0.1, =0.0.6 - next-ai-draw-io =0.4.10 - opennext-oss-provider =0.0.1 Source cves: CVE-2025-6087, CVE-2026-3125 Source advisory: OSV:GHSA-RVPW-P7VW-WJ3M...
CVE-2025-6087
| creationtimestamp | type | source |
|---|---|---|
| 2025-06-16 19:25:01+00:00 | seen | https://infosec.exchange/users/cR0w/statuses/114694678161147224 |
| 2025-06-16 19:41:02+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/18520 |
| 2025-06-19 03:14:52+00:00 | seen | ... |
CVE-2025-6087
CVE-2025-6087 affects @opennextjs/cloudflare (OpenNext Cloudflare adapter) and enables SSRF by proxying arbitrary remote content through the /_next/image endpoint due to an unimplemented feature. Affected deployments using the Cloudflare adapter for Open Next are at risk of loading remote resourc...
CVE-2024-6087
An improper access control vulnerability exists in lunary-ai/lunary at the latest commit a761d83 on the main branch. The vulnerability allows an attacker to use the auth tokens issued by the 'invite user' functionality to obtain valid JWT tokens. These tokens can be used to compromise target user...
CVE-2020-6087
An exploitable denial of service vulnerability exists in the ENIP Request Path Data Segment functionality of Allen-Bradley Flex IO 1794-AENT/B. A specially crafted network request can cause a loss of communications with the device resulting in denial-of-service. An attacker can send a malicious...
CVE-2024-6087
| creationtimestamp | type | source |
|---|---|---|
| 2024-09-13 19:38:19+00:00 | seen | https://t.me/cvedetector/5623... |
CVE-2023-6087
Rejected reason: Accidental Request...
FreeBSD : varnish -- Request Smuggling Vulnerability (b10d1afa-6087-11ed-8c5e-641c67a117d8)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the b10d1afa-6087-11ed-8c5e-641c67a117d8 advisory. - Varnish Cache Project reports: A request smuggling attack can be performed on Varnish Cache servers b...
Mageia: Security Advisory (MGASA-2018-0268)
The remote host is missing an update for the...
Rockwell Automation 1794-AENT Flex I/O Series B
1. EXECUTIVE SUMMARY
- CVSS v3 7.5
- ATTENTION: Exploitable remotely/low skill level to exploit
- Vendor: Rockwell Automation
- Equipment: 1794-AENT Flex I/O Series B
- Vulnerabilities: Classic Buffer Overflow

2. RISK EVALUATION
Successful exploitation of these vulnerabilities could crash the device being...
CVE-2020-6087
CVE-2020-6087 affects Allen-Bradley Flex IO 1794-AENT/B (Series B) via the ENIP Request Path Data Segment. The vulnerability occurs when the ANSI Extended Symbol Segment Sub-Type is used; the following byte is treated as the Data Size in words, and if it exceeds the packet data, the device faults...
Fedora 28 : chromium (2018-94e1bc8c23)
Update to 66.0.3359.181. Security fix for CVE-2018-6085 CVE-2018-6086 CVE-2018-6087 CVE-2018-6088 CVE-2018-6089 CVE-2018-6090 CVE-2018-6091 CVE-2018-6092 CVE-2018-6093 CVE-2018-6094 CVE-2018-6095 CVE-2018-6096 CVE-2018-6097 CVE-2018-6098 CVE-2018-6099 CVE-2018-6100 CVE-2018-6101 CVE-2018-6102...
CVE-2018-6087
CVE-2018-6087 describes a use-after-free in WebAssembly in Google Chrome prior to 66.0.3359.117. The issue allowed a remote attacker to execute arbitrary code inside the sandbox via a crafted HTML page. The connected sources confirm the root cause (WebAssembly use-after-free) and the impact (remo...
Fedora 27 : chromium (2018-812b5d5a71)
Update to 66.0.3359.181. Security fix for CVE-2018-6085 CVE-2018-6086 CVE-2018-6087 CVE-2018-6088 CVE-2018-6089 CVE-2018-6090 CVE-2018-6091 CVE-2018-6092 CVE-2018-6093 CVE-2018-6094 CVE-2018-6095 CVE-2018-6096 CVE-2018-6097 CVE-2018-6098 CVE-2018-6099 CVE-2018-6100 CVE-2018-6101 CVE-2018-6102...
Debian DSA-4182-1 : chromium-browser - security update
Several vulnerabilities have been discovered in the chromium web browser.
- CVE-2018-6056 lokihardt discovered an error in the v8 JavaScript library.
- CVE-2018-6057 Gal Beniamini discovered errors related to shared memory permissions.
- CVE-2018-6060 Omair discovered a use-after-free issue in...
Critical: Red Hat Security Advisory: chromium-browser security update
An update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for eac...
CVE-2018-6087
A use-after-free in WebAssembly in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page...
KLA11232 Multiple vulnerabilities in Google Chrome
Multiple serious vulnerabilities have been found in Google Chrome. Malicious users can exploit these vulnerabilities to bypass security restrictions, obtain sensitive information, cause denial of service, spoof user interface, gain privileges, execute arbitrary code and perform unspecified attack...