CVE-2025-48980
- EPSS 0.06%
- Veröffentlicht 30.10.2025 23:29:44
- Zuletzt bearbeitet 01.12.2025 21:15:50
In Brave Browser Desktop versions prior to 1.83.10 that have the split view feature enabled, the "Open Link in Split View" context menu item did not respect the SameSite cookie attribute. Therefore SameSite=Strict cookies would be sent on a cross-sit...
CVE-2025-23086
- EPSS 0.22%
- Veröffentlicht 21.01.2025 05:15:07
- Zuletzt bearbeitet 22.03.2025 14:15:16
On most desktop platforms, Brave Browser versions 1.70.x-1.73.x included a feature to show a site's origin on the OS-provided file selector dialog when a site prompts the user to upload or download a file. However the origin was not correctly inferre...
CVE-2016-10718
- EPSS 17.95%
- Veröffentlicht 04.04.2018 02:29:00
- Zuletzt bearbeitet 21.11.2024 02:44:35
Brave Browser before 0.13.0 allows a tab to close itself even if the tab was not opened by a script, resulting in denial of service.
CVE-2017-18256
- EPSS 11.22%
- Veröffentlicht 04.04.2018 02:29:00
- Zuletzt bearbeitet 21.11.2024 03:19:41
Brave Browser before 0.13.0 allows remote attackers to cause a denial of service (resource consumption) via a long alert() argument in JavaScript code, because window dialogs are mishandled.