The _mkdtrim_line function in mkdio.c in libmarkdown.a in DISCOUNT 2.2.3a allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file (CVE-2018-11468).
DISCOUNT through version 2.2.3a is vulnerable to a Heap-based buffer-overflow in in the markdown.c:isfootnote() function. An attacker could exploit this to cause a denial of service (CVE-2018-11503).
DISCOUNT through version 2.2.3a is vulnerable to a Heap-based buffer-overflow in in the markdown.c:islist() function. An attacker could exploit this to cause a denial of service (CVE-2018-11504).
The quoteblock function in markdown.c in libmarkdown.a in DISCOUNT 2.2.3a allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file (CVE-2018-12495).