Vulnerabilities > Brave
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-07-12 | CVE-2021-22916 | Unspecified vulnerability in Brave In Brave Desktop between versions 1.17 and 1.26.60, when adblocking is enabled and a proxy browser extension is installed, the CNAME adblocking feature issues DNS requests that used the system DNS settings instead of the extension's proxy settings, resulting in possible information disclosure. | 5.9 |
| 2021-07-12 | CVE-2021-22917 | Unspecified vulnerability in Brave Browser Brave Browser Desktop between versions 1.17 and 1.20 is vulnerable to information disclosure by way of DNS requests in Tor windows not flowing through Tor if adblocking was enabled. | 6.5 |
| 2021-02-23 | CVE-2021-21323 | Information Exposure vulnerability in Brave Brave is an open source web browser with a focus on privacy and security. | 5.3 |
| 2020-11-09 | CVE-2020-8276 | Cleartext Storage of Sensitive Information vulnerability in Brave The implementation of Brave Desktop's privacy-preserving analytics system (P3A) between 1.1 and 1.18.35 logged the timestamp of when the user last opened an incognito window, including Tor windows. | 5.5 |
| 2018-12-20 | CVE-2018-1000815 | Improper Input Validation vulnerability in Brave Brave Software Inc. | 4.3 |
| 2018-05-08 | CVE-2018-10799 | Improper Input Validation vulnerability in Brave A hang issue was discovered in Brave before 0.14.0 (on, for example, Linux). | 6.5 |
| 2018-05-08 | CVE-2018-10798 | Improper Input Validation vulnerability in Brave A hang issue was discovered in Brave before 0.14.0 (on, for example, Linux). | 6.5 |
| 2018-04-04 | CVE-2017-18256 | Unspecified vulnerability in Brave Browser Brave Browser before 0.13.0 allows remote attackers to cause a denial of service (resource consumption) via a long alert() argument in JavaScript code, because window dialogs are mishandled. | 6.5 |
| 2018-04-04 | CVE-2016-10718 | Improper Input Validation vulnerability in Brave Browser Brave Browser before 0.13.0 allows a tab to close itself even if the tab was not opened by a script, resulting in denial of service. | 7.5 |
| 2018-01-03 | CVE-2017-1000461 | Incorrect Permission Assignment for Critical Resource vulnerability in Brave Browser 0.19.73 Brave Software's Brave Browser, version 0.19.73 (and earlier) is vulnerable to an incorrect access control issue in the "JS fingerprinting blocking" component, resulting in a malicious website being able to access the fingerprinting-associated browser functionality (that the browser intends to block). | 4.7 |