13 matches found
CVE-2026-4833
A weakness has been identified in Orc discount up to 3.0.1.2. This issue affects the function compile of the file markdown.c of the component Markdown Handler. This manipulation causes uncontrolled recursion. The attack is restricted to local execution. The exploit has been made available to the...
CVE-2026-4833
CVE-2026-4833 affects Orc discount up to 3.0.1.2, specifically the Markdown Handler's markdown.c compile function. The issue causes uncontrolled recursion when fed input such as an infinitely deep blockquote, leading to a local-execution crash. Public exploit availability exists, and the project ...
PT-2026-28186
A weakness has been identified in Orc discount up to 3.0.1.2. This issue affects the function compile of the file markdown.c of the component Markdown Handler. This manipulation causes uncontrolled recursion. The attack is restricted to local execution. The exploit has been made available to the...
CVE-2024-27280
A buffer-overread issue was discovered in StringIO 3.0.1, as distributed in Ruby 3.0.x through 3.0.6 and 3.1.x through 3.1.4. The ungetbyte and ungetc methods on a StringIO can read past the end of a string, and a subsequent call to StringIO.gets may return the memory value. 3.0.3 is the main fix...
Naver Whale Browser Security Vulnerability
Naver Whale Browser is a web browser from South Korea's Naver that supports user-defined interfaces. A security vulnerability exists in Naver Whale Browser versions prior to 3.0.1.2, which stems from a vulnerability that allows an attacker to bypass its browser unlock feature...
PT-2023-20201 · Google · Whale
Name of the Vulnerable Software and Affected Versions: Android Mobile Whale browser app versions prior to 3.0.1.2. Description: The issue allows an attacker to bypass the browser unlock function using the 'Open in Whale' feature. Recommendations: For versions prior to 3.0.1.2, update to version...
Security Bulletin: IBM App Connect for Manufacturing is vulnerable to a denial of service due to FasterXML jackson-databind (CVE-2022-42004, CVE-2022-42003)
Summary: IBM App Connect for Manufacturing is vulnerable to a denial of service due to FasterXML jackson-databind (CVE-2022-42004, CVE-2022-42003). Vulnerability Details: CVEID: CVE-2022-42004. DESCRIPTION: FasterXML jackson-databind is vulnerable to a denial of service, caused by a lack of a check in i...
Diamond Resource Management Error Vulnerability
Diamond is a cryptocurrency. A resource management error vulnerability exists in Diamond 3.0.1.2 and prior versions. An attacker could exploit this vulnerability to cause a denial of service...
Diamond denial of service vulnerability (DDOS)
Diamond is a cryptocurrency. A security vulnerability exists in Diamond 3.0.1.2 and earlier versions. An attacker could exploit this vulnerability to cause a denial of service...
Code injection
Diamond through 3.0.1.2, a chain-based proof-of-stake cryptocurrency, allows a remote denial of service, exploitable by an attacker who acquires even a small amount of stake/coins in the system. The attacker sends invalid headers/blocks, which are stored on the victim's disk...
NaviCOPA Web Server Source Code Disclosure Vulnerability
The host is running NaviCOPA Web Server and is prone to Source Code Disclosure vulnerability. OpenVAS Vulnerability Test $Id: gbnavicopaserverinfodiscvuln.nasl 5323 2017-02-17 08:49:23Z teissa $ NaviCOPA Web Server Source Code Disclosure Vulnerability Authors: Antu Sanadi Copyright: Copyright c...
Code injection
InterVations NaviCOPA Web Server 3.0.1.2 and earlier allows remote attackers to obtain the source code for a web page via a trailing encoded space character in a URI, as demonstrated by /index.html%20 and /index.php%20 URIs...
NaviCOPA <= 3.0.1.2 Source Disclosure
No description provided by source. NaviCOPA Web Server <= 3.0.1.2 Remote Source Disclosure Found By: DrIDE Tested On: Windows XPSP3 Download: www.navicopa.com/download.html - Description - NaviCOPA Web Server = 3.0.1.2 is a Windows based HTTP server. This is the latest version of the application...