Vulnerabilities > Brave > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-12-30 | CVE-2023-52263 | Open Redirect vulnerability in Brave Browser Brave Browser before 1.59.40 does not properly restrict the schema for WebUI factory and redirect. | 6.1 |
2023-07-01 | CVE-2023-28364 | Open Redirect vulnerability in Brave Browser An Open Redirect vulnerability exists prior to version 1.52.117, where the built-in QR scanner in Brave Browser Android navigated to scanned URLs automatically without showing the URL first. | 6.1 |
2023-05-11 | CVE-2023-28360 | Unspecified vulnerability in Brave An omission of security-relevant information vulnerability exists in Brave desktop prior to version 1.48.171 when a user was saving a file there was no download safety check dialog presented to the user. | 4.3 |
2023-02-09 | CVE-2023-22798 | Open Redirect vulnerability in Brave Adblock-Lists Prior to commit 51867e0d15a6d7f80d5b714fd0e9976b9c160bb0, https://github.com/brave/adblock-lists removed redirect interceptors on some websites like Facebook in which the redirect interceptor may have been there for security purposes. | 6.1 |
2022-12-24 | CVE-2022-47932 | Unspecified vulnerability in Brave Brave Browser before 1.43.34 allowed a remote attacker to cause a denial of service via a crafted HTML file that mentions an ipfs:// or ipns:// URL. | 6.5 |
2022-12-24 | CVE-2022-47933 | Improper Handling of Exceptional Conditions vulnerability in Brave Brave Browser before 1.42.51 allowed a remote attacker to cause a denial of service via a crafted HTML file that references the IPFS scheme. | 6.5 |
2022-12-24 | CVE-2022-47934 | Unspecified vulnerability in Brave Brave Browser before 1.43.88 allowed a remote attacker to cause a denial of service in private and guest windows via a crafted HTML file that mentions an ipfs:// or ipns:// URL. | 6.5 |
2022-05-07 | CVE-2022-30334 | Information Exposure vulnerability in Brave Brave before 1.34, when a Private Window with Tor Connectivity is used, leaks .onion URLs in Referer and Origin headers. | 5.3 |
2021-08-31 | CVE-2021-22929 | Information Exposure Through Log Files vulnerability in Brave An information disclosure exists in Brave Browser Desktop prior to version 1.28.62, where logged warning messages that included timestamps of connections to V2 onion domains in tor.log. | 6.1 |
2021-07-12 | CVE-2021-22916 | Unspecified vulnerability in Brave In Brave Desktop between versions 1.17 and 1.26.60, when adblocking is enabled and a proxy browser extension is installed, the CNAME adblocking feature issues DNS requests that used the system DNS settings instead of the extension's proxy settings, resulting in possible information disclosure. | 5.9 |