201 matches found
Brave Software: iOS Brave Playlist "Open in Private Tab" bypasses FaceID requirement for Private Tabs
A vulnerability was discovered in the Brave browser for iOS where adding or opening a song in the Brave playlist and holding for the "Open in new Private Tab" option bypassed the Face ID or passcode requirement for accessing Private Tabs. This affected Brave iOS version 1.88 and iOS version 26.4....
CVE-2018-10799
A hang issue was discovered in Brave before 0.14.0 on, for example, Linux. This vulnerability is caused by the mishandling of a long URL formed by window.location+='?\u202a\uFEFF\u202b'; concatenation in a SCRIPT element...
CVE-2021-22917
Brave Browser Desktop between versions 1.17 and 1.20 is vulnerable to information disclosure by way of DNS requests in Tor windows not flowing through Tor if adblocking was enabled...
CVE-2025-23086
On most desktop platforms, Brave Browser versions 1.70.x-1.73.x included a feature to show a site's origin on the OS-provided file selector dialog when a site prompts the user to upload or download a file. However the origin was not correctly inferred in some cases. When combined with an open...
CVE-2025-68508
Missing Authorization vulnerability in Brave Brave brave-popup-builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Brave: from n/a through = 0.8.3...
EUVD-2025-205207
Missing Authorization vulnerability in Brave Brave brave-popup-builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Brave: from n/a through = 0.8.3...
CVE-2025-48980
In Brave Browser Desktop versions prior to 1.83.10 that have the split view feature enabled, the "Open Link in Split View" context menu item did not respect the SameSite cookie attribute. Therefore SameSite=Strict cookies would be sent on a cross-site navigation using this method...
EUVD-2025-37235
In Brave Browser Desktop versions prior to 1.83.10 that have the split view feature enabled, the "Open Link in Split View" context menu item did not respect the SameSite cookie attribute. Therefore SameSite=Strict cookies would be sent on a cross-site navigation using this method...
CVE-2025-48980
In Brave Browser Desktop versions prior to 1.83.10 that have the split view feature enabled, the "Open Link in Split View" context menu item did not respect the SameSite cookie attribute. Therefore SameSite=Strict cookies would be sent on a cross-site navigation using this method...
Brave Browser Desktop 安全漏洞
Brave Browser Desktop is a desktop browser from Brave USA. A security vulnerability exists in Brave Browser Desktop versions prior to 1.83.10, which stems from a failure to follow the SameSite cookie attribute for the Open Link in Split View context menu item when the Split View feature is enable...
CVE-2025-48980
In Brave Browser Desktop versions prior to 1.83.10 that have the split view feature enabled, the "Open Link in Split View" context menu item did not respect the SameSite cookie attribute. Therefore SameSite=Strict cookies would be sent on a cross-site navigation using this method...
CVE-2025-48980
In Brave Browser Desktop versions prior to 1.83.10 that have the split view feature enabled, the "Open Link in Split View" context menu item did not respect the SameSite cookie attribute. Therefore SameSite=Strict cookies would be sent on a cross-site navigation using this method...
CVE-2025-48980
Brave Browser Desktop (pre-1.83.10) with Split View enabled has a cookie handling flaw in the Open Link in Split View context menu: SameSite=Strict cookies could be sent during cross-site navigation. This is tied to Brave’s Split View behavior and affects confidentiality with cross-site requests....
PT-2025-44560
Name of the Vulnerable Software and Affected Versions Brave Browser versions prior to 1.83.10 Description The "Open Link in Split View" context menu item in Brave Browser Desktop did not correctly handle the SameSite cookie attribute when the split view feature was enabled. Specifically,...
WebRTC Metadata and IP Leakage in Modern Browsers: A Cross-Platform Measurement Study
Web Real-Time Communication WebRTC enables real-time peer-to-peer communication, but its Interactive Connectivity Establishment ICE process can unintentionally expose internal and public IP addresses as metadata. This paper presents a cross-platform measurement study of WebRTC metadata leakage...
EUVD-2018-2867
Malware in sbrugna...
EUVD-2017-17408
Malware in sbrugna...
EUVD-2021-10046
Malware in sbrugna...
EUVD-2017-1588
Malware in sbrugna...
EUVD-2016-10279
Malware in sbrugna...