Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
brave vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2021-4281
A vulnerability was found in Brave UX for-the-badge and classified as critical. Affected by this issue is some unknown functionality of the file .github/workflows/combine-prs.yml. The manipulation leads to os command injection. The name of the patch is 55b5a234c0fab935df5fb08365b...
Forthebadge For The Badge
7.5
CVSSv3
CVE-2021-45884
In Brave Desktop 1.17 up to and including 1.33 prior to 1.33.106, when CNAME-based adblocking and a proxying extension with a SOCKS fallback are enabled, additional DNS requests are issued outside of the proxying extension using the system's DNS settings, resulting in inform...
Brave Brave
7.5
CVSSv3
CVE-2016-10718
Brave Browser prior to 0.13.0 allows a tab to close itself even if the tab was not opened by a script, resulting in denial of service.
Brave Brave Browser
1 EDB exploit
6.5
CVSSv3
CVE-2022-47932
Brave Browser prior to 1.43.34 allowed a remote malicious user to cause a denial of service via a crafted HTML file that mentions an ipfs:// or ipns:// URL. This vulnerability is caused by an incomplete fix for CVE-2022-47933.
Brave Brave
6.5
CVSSv3
CVE-2022-47933
Brave Browser prior to 1.42.51 allowed a remote malicious user to cause a denial of service via a crafted HTML file that references the IPFS scheme. This vulnerability is caused by an uncaught exception in the function ipfs::OnBeforeURLRequest_IPFSRedirectWork() in ipfs_redirect_...
Brave Brave
6.5
CVSSv3
CVE-2022-47934
Brave Browser prior to 1.43.88 allowed a remote malicious user to cause a denial of service in private and guest windows via a crafted HTML file that mentions an ipfs:// or ipns:// URL. This is caused by an incomplete fix for CVE-2022-47932 and CVE-2022-47934.
Brave Brave
6.5
CVSSv3
CVE-2021-22917
Brave Browser Desktop between versions 1.17 and 1.20 is vulnerable to information disclosure by way of DNS requests in Tor windows not flowing through Tor if adblocking was enabled.
Brave Browser
6.5
CVSSv3
CVE-2018-10798
A hang issue exists in Brave prior to 0.14.0 (on, for example, Linux). The vulnerability is caused by mishandling of JavaScript code that triggers the reload of a page continuously with an interval of 1 second.
Brave Brave
6.5
CVSSv3
CVE-2018-10799
A hang issue exists in Brave prior to 0.14.0 (on, for example, Linux). This vulnerability is caused by the mishandling of a long URL formed by window.location+='?\u202a\uFEFF\u202b'; concatenation in a SCRIPT element.
Brave Brave
6.5
CVSSv3
CVE-2017-18256
Brave Browser prior to 0.13.0 allows remote malicious users to cause a denial of service (resource consumption) via a long alert() argument in JavaScript code, because window dialogs are mishandled.
Brave Brave Browser
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »