Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
brave vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2022-30334
Brave prior to 1.34, when a Private Window with Tor Connectivity is used, leaks .onion URLs in Referer and Origin headers. NOTE: although this was fixed by Brave, the Brave documentation still advises "Note that Private Windows with Tor Connectivity in Brave are just regular...
Brave Brave
4.3
CVSSv2
CVE-2018-10799
A hang issue exists in Brave prior to 0.14.0 (on, for example, Linux). This vulnerability is caused by the mishandling of a long URL formed by window.location+='?\u202a\uFEFF\u202b'; concatenation in a SCRIPT element.
Brave Brave
4.3
CVSSv2
CVE-2021-21323
Brave is an open source web browser with a focus on privacy and security. In Brave versions 1.17.73-1.20.103, the CNAME adblocking feature added in Brave 1.17.73 accidentally initiated DNS requests that bypassed the Brave Tor proxy. Users with adblocking enabled would leak DNS re...
Brave Brave
5
CVSSv2
CVE-2016-10718
Brave Browser prior to 0.13.0 allows a tab to close itself even if the tab was not opened by a script, resulting in denial of service.
Brave Brave Browser
1 EDB exploit
4.3
CVSSv2
CVE-2017-18256
Brave Browser prior to 0.13.0 allows remote malicious users to cause a denial of service (resource consumption) via a long alert() argument in JavaScript code, because window dialogs are mishandled.
Brave Brave Browser
1 EDB exploit
4.3
CVSSv2
CVE-2017-8459
Brave 0.12.4 has a Status Bar Obfuscation issue in which a redirection target is shown in a possibly unexpected way. NOTE: third parties dispute this issue because it is a behavior that might have legitimate applications in (for example) the display of web-search results
Brave Brave 0.12.4
4.3
CVSSv2
CVE-2017-8458
Brave 0.12.4 has a URI Obfuscation issue in which a string such as https://safe.example.com@unsafe.example.com/ is displayed without a clear UI indication that it is not a resource on the safe.example.com web site.
Brave Brave 0.12.4
4.3
CVSSv2
CVE-2016-9473
Brave Browser iOS prior to 1.2.18 and Brave Browser Android 1.9.56 and previous versions suffer from Full Address Bar Spoofing, allowing malicious users to trick a victim by displaying a malicious page for legitimate domain names.
Brave Browser
NA
CVE-2023-28364
An Open Redirect vulnerability exists prior to version 1.52.117, where the built-in QR scanner in Brave Browser Android navigated to scanned URLs automatically without showing the URL first. Now the user must manually navigate to the URL.
Brave Browser
4.3
CVSSv2
CVE-2021-22917
Brave Browser Desktop between versions 1.17 and 1.20 is vulnerable to information disclosure by way of DNS requests in Tor windows not flowing through Tor if adblocking was enabled.
Brave Browser
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-17519
open redirect
CVE-2024-21683
cache poisoning
CVE-2021-47524
CVE-2021-47521
CVE-2024-5229
CVE-2021-47560
local
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »