Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
md4c project md4c vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2020-26148
md_push_block_bytes in md4c.c in md4c 0.4.5 allows malicious users to trigger use of uninitialized memory, and cause a denial of service (e.g., assertion failure) via a malformed Markdown document.
Md4c Project Md4c 0.4.5
6.8
CVSSv2
CVE-2018-12112
md_build_attribute in md4c.c in md4c 0.2.6 allows remote malicious users to cause a denial of service (Segmentation fault and application crash) or possibly have unspecified other impact via a crafted file.
Md4c Project Md4c 0.2.6
4.3
CVSSv2
CVE-2018-12102
md4c 0.2.6 has a NULL pointer dereference in the function md_process_line in md4c.c, related to ctx->current_block.
Md4c Project Md4c 0.2.6
7.5
CVSSv2
CVE-2018-11545
md4c 0.2.5 has a heap-based buffer overflow in md_merge_lines because md_is_link_label mishandles the case of a link label composed solely of backslash escapes.
Md4c Project Md4c 0.2.5
7.5
CVSSv2
CVE-2018-11546
md4c 0.2.5 has a heap-based buffer over-read because md_is_named_entity_contents has an off-by-one error.
Md4c Project Md4c 0.2.5
7.5
CVSSv2
CVE-2018-11547
md_is_link_reference_definition_helper in md4c 0.2.5 has a heap-based buffer over-read because md_is_link_label mishandles loop termination.
Md4c Project Md4c 0.2.5
7.5
CVSSv2
CVE-2018-11536
md4c prior to 0.2.5 has a heap-based buffer overflow because md_split_simple_pairing_mark mishandles splits.
Md4c Project Md4c
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started