Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
brave brave vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2018-10799
A hang issue exists in Brave prior to 0.14.0 (on, for example, Linux). This vulnerability is caused by the mishandling of a long URL formed by window.location+='?\u202a\uFEFF\u202b'; concatenation in a SCRIPT element.
Brave Brave
4.3
CVSSv3
CVE-2023-28360
An omission of security-relevant information vulnerability exists in Brave desktop prior to version 1.48.171 when a user was saving a file there was no download safety check dialog presented to the user.
Brave Brave
4.3
CVSSv3
CVE-2018-1000815
Brave Software Inc. Brave version version 0.22.810 to 0.24.0 contains a Other/Unknown vulnerability in function ContentSettingsObserver::AllowScript() in content_settings_observer.cc that can result in Websites can run inline JavaScript even if script is blocked, making attackers...
Brave Brave
6.5
CVSSv3
CVE-2017-8458
Brave 0.12.4 has a URI Obfuscation issue in which a string such as https://safe.example.com@unsafe.example.com/ is displayed without a clear UI indication that it is not a resource on the safe.example.com web site.
Brave Brave 0.12.4
6.5
CVSSv3
CVE-2017-8459
Brave 0.12.4 has a Status Bar Obfuscation issue in which a redirection target is shown in a possibly unexpected way. NOTE: third parties dispute this issue because it is a behavior that might have legitimate applications in (for example) the display of web-search results
Brave Brave 0.12.4
7.5
CVSSv3
CVE-2016-10718
Brave Browser prior to 0.13.0 allows a tab to close itself even if the tab was not opened by a script, resulting in denial of service.
Brave Brave Browser
1 EDB exploit
6.5
CVSSv3
CVE-2017-18256
Brave Browser prior to 0.13.0 allows remote malicious users to cause a denial of service (resource consumption) via a long alert() argument in JavaScript code, because window dialogs are mishandled.
Brave Brave Browser
1 EDB exploit
4.8
CVSSv3
CVE-2023-51534
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Brave Brave – Create Popup, Optins, Lead Generation, Survey, Sticky Elements & Interactive Content allows Stored XSS.This issue affects Brave – Create P...
Getbrave Brave
4.7
CVSSv3
CVE-2016-9473
Brave Browser iOS prior to 1.2.18 and Brave Browser Android 1.9.56 and previous versions suffer from Full Address Bar Spoofing, allowing malicious users to trick a victim by displaying a malicious page for legitimate domain names.
Brave Browser
6.1
CVSSv3
CVE-2023-52263
Brave Browser prior to 1.59.40 does not properly restrict the schema for WebUI factory and redirect. This is related to browser/brave_content_browser_client.cc and browser/ui/webui/brave_web_ui_controller_factory.cc.
Brave Browser
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »