Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
md4c project vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2018-11536
md4c prior to 0.2.5 has a heap-based buffer overflow because md_split_simple_pairing_mark mishandles splits.
Md4c Project Md4c
7.8
CVSSv3
CVE-2018-12112
md_build_attribute in md4c.c in md4c 0.2.6 allows remote malicious users to cause a denial of service (Segmentation fault and application crash) or possibly have unspecified other impact via a crafted file.
Md4c Project Md4c 0.2.6
7.5
CVSSv3
CVE-2020-26148
md_push_block_bytes in md4c.c in md4c 0.4.5 allows malicious users to trigger use of uninitialized memory, and cause a denial of service (e.g., assertion failure) via a malformed Markdown document.
Md4c Project Md4c 0.4.5
9.8
CVSSv3
CVE-2018-11545
md4c 0.2.5 has a heap-based buffer overflow in md_merge_lines because md_is_link_label mishandles the case of a link label composed solely of backslash escapes.
Md4c Project Md4c 0.2.5
9.8
CVSSv3
CVE-2018-11546
md4c 0.2.5 has a heap-based buffer over-read because md_is_named_entity_contents has an off-by-one error.
Md4c Project Md4c 0.2.5
9.8
CVSSv3
CVE-2018-11547
md_is_link_reference_definition_helper in md4c 0.2.5 has a heap-based buffer over-read because md_is_link_label mishandles loop termination.
Md4c Project Md4c 0.2.5
5.5
CVSSv3
CVE-2018-12102
md4c 0.2.6 has a NULL pointer dereference in the function md_process_line in md4c.c, related to ctx->current_block.
Md4c Project Md4c 0.2.6
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started