Filtered by vendor Brave
Subscriptions
Total
25 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2023-52263 | 1 Brave | 1 Browser | 2024-08-02 | 6.1 Medium |
Brave Browser before 1.59.40 does not properly restrict the schema for WebUI factory and redirect. This is related to browser/brave_content_browser_client.cc and browser/ui/webui/brave_web_ui_controller_factory.cc. | ||||
CVE-2023-28360 | 1 Brave | 1 Brave | 2024-08-02 | 4.3 Medium |
An omission of security-relevant information vulnerability exists in Brave desktop prior to version 1.48.171 when a user was saving a file there was no download safety check dialog presented to the user. | ||||
CVE-2023-28364 | 1 Brave | 1 Browser | 2024-08-02 | 6.1 Medium |
An Open Redirect vulnerability exists prior to version 1.52.117, where the built-in QR scanner in Brave Browser Android navigated to scanned URLs automatically without showing the URL first. Now the user must manually navigate to the URL. | ||||
CVE-2023-22798 | 1 Brave | 1 Adblock-lists | 2024-08-02 | 6.1 Medium |
Prior to commit 51867e0d15a6d7f80d5b714fd0e9976b9c160bb0, https://github.com/brave/adblock-lists removed redirect interceptors on some websites like Facebook in which the redirect interceptor may have been there for security purposes. This could potentially cause open redirects on these websites. Brave's redirect interceptor removal feature is known as "debouncing" and is intended to remove unnecessary redirects that track users across the web. | ||||
CVE-2024-35655 | 2 Brave, Getbrave | 2 Brave Popup Builder, Brave | 2024-08-02 | 5.9 Medium |
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Brave Brave Popup Builder allows Stored XSS.This issue affects Brave Popup Builder: from n/a through 0.6.9. |