Vulnerabilities > Brave > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-12-20 | CVE-2018-1000815 | Improper Input Validation vulnerability in Brave Brave Software Inc. | 4.3 |
| 2018-05-08 | CVE-2018-10799 | Improper Input Validation vulnerability in Brave A hang issue was discovered in Brave before 0.14.0 (on, for example, Linux). | 4.3 |
| 2018-05-08 | CVE-2018-10798 | Improper Input Validation vulnerability in Brave A hang issue was discovered in Brave before 0.14.0 (on, for example, Linux). | 4.3 |
| 2018-04-04 | CVE-2017-18256 | Unspecified vulnerability in Brave Browser Brave Browser before 0.13.0 allows remote attackers to cause a denial of service (resource consumption) via a long alert() argument in JavaScript code, because window dialogs are mishandled. network brave | 4.3 |
| 2018-04-04 | CVE-2016-10718 | Improper Input Validation vulnerability in Brave Browser Brave Browser before 0.13.0 allows a tab to close itself even if the tab was not opened by a script, resulting in denial of service. | 5.0 |
| 2018-01-03 | CVE-2017-1000461 | Incorrect Permission Assignment for Critical Resource vulnerability in Brave Browser Brave Software's Brave Browser, version 0.19.73 (and earlier) is vulnerable to an incorrect access control issue in the "JS fingerprinting blocking" component, resulting in a malicious website being able to access the fingerprinting-associated browser functionality (that the browser intends to block). | 4.3 |
| 2017-05-03 | CVE-2017-8459 | Unspecified vulnerability in Brave 0.12.4 Brave 0.12.4 has a Status Bar Obfuscation issue in which a redirection target is shown in a possibly unexpected way. | 6.5 |
| 2017-05-03 | CVE-2017-8458 | Injection vulnerability in Brave 0.12.4 Brave 0.12.4 has a URI Obfuscation issue in which a string such as https://[email protected]/ is displayed without a clear UI indication that it is not a resource on the safe.example.com web site. | 4.3 |
| 2017-03-28 | CVE-2016-9473 | Cross-site Scripting vulnerability in Brave Browser 1.2.16/1.9.56 Brave Browser iOS before 1.2.18 and Brave Browser Android 1.9.56 and earlier suffer from Full Address Bar Spoofing, allowing attackers to trick a victim by displaying a malicious page for legitimate domain names. | 4.3 |