dotnet: Denial of Service in System.Text.Json

A flaw was found in dotnet. In System.Text.Json, applications that deserialize input to a model with an ExtensionData property can be vulnerable to an algorithmic complexity attack, resulting in a denial of service...

dotnet: Denial of Service in System.Text.Json

A flaw was found in dotnet. In System.Text.Json, applications that deserialize input to a model with an ExtensionData property can be vulnerable to an algorithmic complexity attack, resulting in a denial of service...

datatables.net: prototype pollution if 'constructor' were used in a data property name

All versions of package datatables.net are vulnerable to Prototype Pollution due to an incomplete fix for https://snyk.io/vuln/SNYK-JS-DATATABLESNET-598806...

A week in security (November 25 – December 1)

Last week on Malwarebytes Labs, we discussed why the notion of "data as property" may potentially hurt more than help, homed in on sextortion scammers getting more creative, and explored the possible security risks Americans might face if the US changed to universal healthcare coverage. Other...

‘Data as property’ promises fix for privacy problems, but could deepen inequality

In mid-November, Democratic presidential hopeful Andrew Yang unveiled a four-prong policy approach to solving some of today’s thornier tech issues, such as widespread misinformation, technology dependence, and data privacy. Americans, Yang proposed, should receive certain, guaranteed protections...

CVE-2006-3513

danim.dll in Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service application crash by accessing the Data property of a DirectAnimation DAUserData object before it is initialized, which triggers a NULL pointer dereference...

CVE-2006-3513

danim.dll in Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service application crash by accessing the Data property of a DirectAnimation DAUserData object before it is initialized, which triggers a NULL pointer dereference...