CVE-2019-25352 Genivia Crystal Live HTTP Server 6.01 - 'Crystal Live HTTP Server' Path Traversal

Crystal Live HTTP Server 6.01 contains a directory traversal vulnerability that allows remote attackers to access system files by manipulating URL path segments. Attackers can use multiple '../' sequences to navigate outside the web root and retrieve sensitive configuration files like Windows...

Critical Flaws Found in Four VS Code Extensions with Over 125 Million Installs

Cybersecurity researchers have disclosed multiple security vulnerabilities in four popular Microsoft Visual Studio Code VS Code extensions that, if successfully exploited, could allow threat actors to steal local files and execute code remotely. The extensions, which have been collectively...

CVE-2025-65717

An issue in Visual Studio Code Extensions Live Server v5.7.9 allows attackers to exfiltrate files via user interaction with a crafted HTML page...

CVE-2025-65717

An issue in Visual Studio Code Extensions Live Server v5.7.9 allows attackers to exfiltrate files via user interaction with a crafted HTML page...

CVE-2025-65717

An issue in Visual Studio Code Extensions Live Server v5.7.9 allows attackers to exfiltrate files via user interaction with a crafted HTML page...

CVE-2025-65717

An issue in Visual Studio Code Extensions Live Server v5.7.9 allows attackers to exfiltrate files via user interaction with a crafted HTML page...

PT-2026-8356

Name of the Vulnerable Software and Affected Versions Visual Studio Code Live Server version 5.7.9 Description An issue in Visual Studio Code Live Server allows attackers to exfiltrate files through user interaction with a specially crafted HTML page. Recommendations At the moment, there is no...

CVE-2025-65717

CVE-2025-65717 affects Visual Studio Code Live Server extension (v5.7.9). According to connected sources, an attacker can exfiltrate local files by luring a developer to a crafted HTML page which, via the local development HTTP server on localhost:5500, executes JavaScript to crawl and send files...

CVE-2025-65717

An issue in Visual Studio Code Extensions Live Server v5.7.9 allows attackers to exfiltrate files via user interaction with a crafted HTML page...

Live Server 安全漏洞

Live Server is a local development server personally developed by Ritwick Dey. Version 5.7.9 of Live Server contains a security vulnerability, which stems from user interactions with specially crafted HTML pages, potentially leading to file leaks...

CVE-2025-65717

An issue in Visual Studio Code Extensions Live Server v5.7.9 allows attackers to exfiltrate files via user interaction with a crafted HTML page...

Exploit for CVE-2023-39848

DAMN VULNERABLE WEB APPLICATION Damn Vulnerable Web Applicati...

Malicious code in bud-live-server (npm)

The package bud-live-server was found to contain malicious code...

bud-live-server (>=0.0.0 <=0.0.5), just-a-browserify-server (>=0.0.0 <=1.0.0) potentially affected by unknown CVE via just-a-server (>=0.0.0 <=0.0.1)

just-a-server NPM version =0.0.0, =0.0.0, =0.0.0, =1.0.0 Source cves: unknown CVE Source advisory: OSV:MAL-2025-24109...

MAL-2025-16256 Malicious code in bud-live-server (npm)

The package bud-live-server was found to contain malicious code...

SQL Injection Vulnerability in Shenzhen Siliconware Sewise Live Server

SEWISE is a streaming media cloud computing company engaged in streaming media encoding, distribution and storage of audio and video. sewise live streaming server is a product of this company. A SQL injection vulnerability exists in SEWISE live server. An attacker can exploit the vulnerability to...

CVE-2005-3900

Macromedia Breeze Communication Server and Breeze Live Server does 5.1 and earlier not sufficiently validate certain RTMP data, which allows attackers to cause a denial of service instability or crash, as demonstrated using an alpha release build of Flash Player 8.5 build 133...

CVE-2005-3900

Macromedia Breeze Communication Server and Breeze Live Server does 5.1 and earlier not sufficiently validate certain RTMP data, which allows attackers to cause a denial of service instability or crash, as demonstrated using an alpha release build of Flash Player 8.5 build 133...

CVE-2005-3900

CVE-2005-3900 affects Macromedia Breeze Communication Server and Breeze Live Server (version 5.1 and earlier). The vulnerability arises from insufficient validation of certain RTMP data, which can cause a denial of service (instability or crash). The NVD description notes this was demonstrated wi...

[[email protected]: Macromedia Security Bulletins]

Macromedia Security Bulletins: - Contribute Publishing Server - Flash Communication Server - Breeze Communication Server and Breeze Live Server MPSB05-08 Contribute Publishing Server Password Encryption Summary: Macromedia Contribute Publishing Server CPS 1.11 includes a security update that...