Mthg

**Name of the Vulnerable Software and Affected Versions** Orc discount versions up to 3.0.1.2 **Description** A flaw exists in the Markdown Handler component of Orc discount, specifically within the `compile` function of the `markdown.c` file. This issue leads to uncontrolled recursion, allowing for local execution of attacks. The exploit is publicly available. The project maintainer acknowledges this as a duplicate of a previously known bug involving an infinitely deep blockquote input causing a crash. **Recommendations** Versions prior to 3.0.1.2 should be updated.

**Name of the Vulnerable Software and Affected Versions** mxml versions up to 4.0.4 **Description** A flaw exists in mxml up to version 4.0.4 related to a stack-based buffer overflow. The issue resides within the `index sort` function in the `mxml-index.c` file, specifically within the `mxmlIndexNew` component. Manipulation of the `tempr` argument can trigger the overflow, limiting exploitation to local execution. The exploit has been publicly disclosed. **Recommendations** Apply patch 6e27354466092a1ac65601e01ce6708710bb9fa5 to remediate this issue.

**Name of the Vulnerable Software and Affected Versions** TP-Link TL-WR940N version V4 **Description** A critical issue has been found in the TP-Link TL-WR940N V4, affecting some unknown functionality of the file /userRpm/WanSlaacCfgRpm.htm. The manipulation of the `dnsserver1` argument leads to a buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. **Recommendations** As a temporary workaround, consider restricting access to the `/userRpm/WanSlaacCfgRpm.htm` file until a patch is available. Avoid using the `dnsserver1` argument in the affected functionality until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.