Vulnerabilities > Brave > Browser

DATE CVE VULNERABILITY TITLE RISK
2023-12-30 CVE-2023-52263 Open Redirect vulnerability in Brave Browser
Brave Browser before 1.59.40 does not properly restrict the schema for WebUI factory and redirect.
network
low complexity
brave CWE-601
6.1
2023-07-01 CVE-2023-28364 Open Redirect vulnerability in Brave Browser
An Open Redirect vulnerability exists prior to version 1.52.117, where the built-in QR scanner in Brave Browser Android navigated to scanned URLs automatically without showing the URL first.
network
low complexity
brave CWE-601
6.1
2021-07-12 CVE-2021-22917 Unspecified vulnerability in Brave Browser
Brave Browser Desktop between versions 1.17 and 1.20 is vulnerable to information disclosure by way of DNS requests in Tor windows not flowing through Tor if adblocking was enabled.
network
low complexity
brave
6.5
2018-01-03 CVE-2017-1000461 Incorrect Permission Assignment for Critical Resource vulnerability in Brave Browser 0.19.73
Brave Software's Brave Browser, version 0.19.73 (and earlier) is vulnerable to an incorrect access control issue in the "JS fingerprinting blocking" component, resulting in a malicious website being able to access the fingerprinting-associated browser functionality (that the browser intends to block).
network
low complexity
brave CWE-732
4.7
2017-03-28 CVE-2016-9473 Cross-site Scripting vulnerability in Brave Browser 1.2.16/1.9.56
Brave Browser iOS before 1.2.18 and Brave Browser Android 1.9.56 and earlier suffer from Full Address Bar Spoofing, allowing attackers to trick a victim by displaying a malicious page for legitimate domain names.
network
low complexity
brave CWE-79
4.7