webkitgtk: A type confusion issue could lead to memory corruption

A flaw was found in WebKitGTK. Processing malicious web content can cause a type confusion issue due to improper handling of floats and result in memory corruption...

mpfr: buffer overflow in mpfr_strtofr

Buffer overflow in the mpfrstrtofr function in GNU MPFR before 3.1.2-p11 allows context-dependent attackers to have unspecified impact via vectors related to incorrect documentation for mpnsetstr...

CVE-2024-11645

The float block WordPress plugin through 1.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2023-3225

The Float menu WordPress plugin before 5.0.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2023-37769

stress-test master commit e4c878 was discovered to contain a FPE vulnerability via the component combineinner at /pixman-combine-float.c...

CVE-2022-2709

The Float to Top Button WordPress plugin through 2.3.6 does not escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2020-35923

An issue was discovered in the ordered-float crate before 1.1.1 and 2.x before 2.0.1 for Rust. A NotNan value can contain a NaN...

SUSE CVE-2025-24213

This issue was addressed with improved handling of floats. This issue is fixed in Safari 18.5, iOS 18.5 and iPadOS 18.5, iPadOS 17.7.7, macOS Sequoia 15.5, tvOS 18.5, visionOS 2.5, watchOS 11.5. A type confusion issue could lead to memory corruption...

DEBIAN-CVE-2025-24213

This issue was addressed with improved handling of floats. This issue is fixed in Safari 18.5, iOS 18.5 and iPadOS 18.5, iPadOS 17.7.7, macOS Sequoia 15.5, tvOS 18.5, visionOS 2.5, watchOS 11.5. A type confusion issue could lead to memory corruption...

UBUNTU-CVE-2025-24213

This issue was addressed with improved handling of floats. This issue is fixed in Safari 18.5, iOS 18.5 and iPadOS 18.5, iPadOS 17.7.7, macOS Sequoia 15.5, tvOS 18.5, visionOS 2.5, watchOS 11.5. A type confusion issue could lead to memory corruption...

CVE-2025-30912

Cross-Site Request Forgery CSRF vulnerability in Wow-Company Float menu float-menu allows Cross Site Request Forgery.This issue affects Float menu: from n/a through = 6.1.2...

WordPress Float menu plugin <= 6.1.2 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability

Cross Site Request Forgery CSRF to Settings Change vulnerability discovered by Khang Duong in WordPress Plugin Float menu versions = 6.1.2...

CVE-2025-30912

Cross-Site Request Forgery CSRF vulnerability in Wow-Company Float menu float-menu allows Cross Site Request Forgery.This issue affects Float menu: from n/a through = 6.1.2...

CVE-2025-30912

Cross-Site Request Forgery CSRF vulnerability in Wow-Company Float menu float-menu allows Cross Site Request Forgery.This issue affects Float menu: from n/a through = 6.1.2...

CVE-2025-30912 WordPress Float menu plugin <= 6.1.2 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability

Cross-Site Request Forgery CSRF vulnerability in Wow-Company Float menu float-menu allows Cross Site Request Forgery.This issue affects Float menu: from n/a through = 6.1.2...

CVE-2025-30912 WordPress Float menu plugin <= 6.1.2 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability

Cross-Site Request Forgery CSRF vulnerability in Wow-Company Float menu float-menu allows Cross Site Request Forgery.This issue affects Float menu: from n/a through = 6.1.2...

CVE-2025-30912

CVE-2025-30912 is a CSRF vulnerability in the Float menu WordPress plugin. Affected: Float menu versions up to 6.1.2 (initial doc lists the range). The issue permits Cross-Site Request Forgery to change settings; impact per CVSS includes no confidentiality loss, partial integrity, and partial ava...

WordPress plugin Float menu 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...

php: Use after free due to php_filter_float() failing for ints

A flaw was found in PHP. The vulnerability occurs due to the malformed phpfilterfloat function and leads to a use-after-free vulnerability. This flaw allows an attacker to inject a malicious file, leading to a crash or a Segmentation fault...

php: Use after free due to php_filter_float() failing for ints

A flaw was found in PHP. The vulnerability occurs due to the malformed phpfilterfloat function and leads to a use-after-free vulnerability. This flaw allows an attacker to inject a malicious file, leading to a crash or a Segmentation fault...