Browser Security Vulnerabilities

CVE-2013-5306

SQL injection vulnerability in the Browser - TYPO3 without PHP (browser) extension before 4.5.5 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

8.7 AI Score

0.003 EPSS

2013-08-16 05:55 PM

CVE-2016-10718

Brave Browser before 0.13.0 allows a tab to close itself even if the tab was not opened by a script, resulting in denial of service.

7.5 CVSS

7.2 AI Score

0.016 EPSS

2018-04-04 02:29 AM

CVE-2016-9473

Brave Browser iOS before 1.2.18 and Brave Browser Android 1.9.56 and earlier suffer from Full Address Bar Spoofing, allowing attackers to trick a victim by displaying a malicious page for legitimate domain names.

4.7 CVSS

4.5 AI Score

0.002 EPSS

2017-03-28 02:59 AM

CVE-2017-1000461

Brave Software's Brave Browser, version 0.19.73 (and earlier) is vulnerable to an incorrect access control issue in the "JS fingerprinting blocking" component, resulting in a malicious website being able to access the fingerprinting-associated browser functionality (that the browser intends to bloc...

4.7 CVSS

4.6 AI Score

0.001 EPSS

2022-10-03 04:23 PM

CVE-2017-18016

Parity Browser 1.6.10 and earlier allows remote attackers to bypass the Same Origin Policy and obtain sensitive information by requesting other websites via the Parity web proxy engine (reusing the current website's token, which is not bound to an origin).

5.3 CVSS

5.2 AI Score

0.025 EPSS

2018-01-11 04:29 PM

CVE-2017-18256

Brave Browser before 0.13.0 allows remote attackers to cause a denial of service (resource consumption) via a long alert() argument in JavaScript code, because window dialogs are mishandled.

6.5 CVSS

6.2 AI Score

0.004 EPSS

2018-04-04 02:29 AM

CVE-2021-21323

Brave is an open source web browser with a focus on privacy and security. In Brave versions 1.17.73-1.20.103, the CNAME adblocking feature added in Brave 1.17.73 accidentally initiated DNS requests that bypassed the Brave Tor proxy. Users with adblocking enabled would leak DNS requests from Tor win...

5.3 CVSS

6 AI Score

0.001 EPSS

2021-02-23 11:15 PM

CVE-2021-22917

Brave Browser Desktop between versions 1.17 and 1.20 is vulnerable to information disclosure by way of DNS requests in Tor windows not flowing through Tor if adblocking was enabled.

6.5 CVSS

6.2 AI Score

0.002 EPSS

2021-07-12 11:15 AM

CVE-2023-28364

An Open Redirect vulnerability exists prior to version 1.52.117, where the built-in QR scanner in Brave Browser Android navigated to scanned URLs automatically without showing the URL first. Now the user must manually navigate to the URL.

6.1 CVSS

6.1 AI Score

0.001 EPSS

2023-07-01 12:15 AM

CVE-2023-52263

Brave Browser before 1.59.40 does not properly restrict the schema for WebUI factory and redirect. This is related to browser/brave_content_browser_client.cc and browser/ui/webui/brave_web_ui_controller_factory.cc.

6.1 CVSS

6.2 AI Score

0.001 EPSS

2023-12-30 07:15 PM