Filtered by vendor Opera
Subscriptions
Total
311 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2011-2640 | 1 Opera | 1 Opera Browser | 2025-04-11 | N/A |
| Opera before 11.10 allows remote attackers to cause a denial of service (application crash) via an HTML document that has an empty parameter value for an embedded Java applet. | ||||
| CVE-2011-2633 | 1 Opera | 1 Opera Browser | 2025-04-11 | N/A |
| Unspecified vulnerability in Opera before 11.11 allows remote attackers to cause a denial of service (application crash) via vectors involving a Certificate Revocation List (CRL) file, as demonstrated by the multicert-ca-02.crl file. | ||||
| CVE-2011-2631 | 1 Opera | 1 Opera Browser | 2025-04-11 | N/A |
| The Cascading Style Sheets (CSS) implementation in Opera before 11.11 does not properly handle the column-count property, which allows remote attackers to cause a denial of service (infinite repaint loop and application hang) via a web page, as demonstrated by an unspecified Wikipedia page. | ||||
| CVE-2012-6470 | 1 Opera | 1 Opera Browser | 2025-04-11 | N/A |
| Opera before 12.12 does not properly allocate memory for GIF images, which allows remote attackers to execute arbitrary code or cause a denial of service (memory overwrite) via a malformed image. | ||||
| CVE-2012-6469 | 1 Opera | 1 Opera Browser | 2025-04-11 | N/A |
| Opera before 12.11 allows remote attackers to determine the existence of arbitrary local files via vectors involving web script in an error page. | ||||
| CVE-2012-1931 | 2 Opera, Unix | 2 Opera Browser, Unix | 2025-04-11 | N/A |
| Opera before 11.62 on UNIX, when used in conjunction with an unspecified printing application, allows local users to overwrite arbitrary files via a symlink attack on a temporary file during printing. | ||||
| CVE-2012-6466 | 1 Opera | 1 Opera Browser | 2025-04-11 | N/A |
| Opera before 12.10 does not properly handle incorrect size data in a WebP image, which allows remote attackers to obtain potentially sensitive information from process memory by using a crafted image as the fill pattern for a canvas. | ||||
| CVE-2011-2629 | 1 Opera | 1 Opera Browser | 2025-04-11 | N/A |
| Unspecified vulnerability in Opera before 11.11 allows remote attackers to cause a denial of service (application crash) via unknown content on a web page, as demonstrated by www.falk.de. | ||||
| CVE-2014-0815 | 2 Google, Opera | 2 Android, Opera Browser | 2025-04-11 | N/A |
| The intent: URL implementation in Opera before 18 on Android allows attackers to read local files by leveraging an interaction error, as demonstrated by reading stored cookies. | ||||
| CVE-2010-2657 | 3 Apple, Microsoft, Opera | 3 Macos, Windows, Opera Browser | 2025-04-11 | N/A |
| Opera before 10.60 on Windows and Mac OS X does not properly prevent certain double-click operations from running a program located on a web site, which allows user-assisted remote attackers to execute arbitrary code via a crafted web page that bypasses a dialog. | ||||
| CVE-2011-2627 | 1 Opera | 1 Opera Browser | 2025-04-11 | N/A |
| Unspecified vulnerability in the DOM implementation in Opera before 11.50 allows remote attackers to cause a denial of service (application crash) via unknown content on a web page, as demonstrated by live.com. | ||||
| CVE-2010-2660 | 4 Apple, Microsoft, Opera and 1 more | 4 Mac Os X, Windows, Opera Browser and 1 more | 2025-04-11 | N/A |
| Opera before 10.54 on Windows and Mac OS X, and before 10.60 on UNIX platforms, does not properly restrict certain uses of homograph characters in domain names, which makes it easier for remote attackers to spoof IDN domains via unspecified choices of characters. | ||||
| CVE-2011-2626 | 1 Opera | 1 Opera Browser | 2025-04-11 | N/A |
| Opera before 11.50 allows remote attackers to cause a denial of service (application crash) by using "injected script" to set the SRC attribute of an IFRAME element. | ||||
| CVE-2008-7297 | 1 Opera | 1 Opera Browser | 2025-04-11 | N/A |
| Opera cannot properly restrict modifications to cookies established in HTTPS sessions, which allows man-in-the-middle attackers to overwrite or delete arbitrary cookies via a Set-Cookie header in an HTTP response, related to lack of the HTTP Strict Transport Security (HSTS) includeSubDomains feature, aka a "cookie forcing" issue. | ||||
| CVE-2011-4683 | 1 Opera | 1 Opera Browser | 2025-04-11 | N/A |
| Unspecified vulnerability in Opera before 11.60 has unknown impact and attack vectors, related to a "moderately severe issue." | ||||
| CVE-2010-1728 | 3 Apple, Microsoft, Opera | 3 Mac Os X, Windows, Opera Browser | 2025-04-11 | N/A |
| Opera before 10.53 on Windows and Mac OS X does not properly handle a series of document modifications that occur asynchronously, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via JavaScript that writes <marquee> sequences in an infinite loop, leading to attempted use of uninitialized memory. NOTE: this might overlap CVE-2006-6955. | ||||
| CVE-2011-2620 | 1 Opera | 1 Opera Browser | 2025-04-11 | N/A |
| Unspecified vulnerability in Opera before 11.50 allows remote attackers to cause a denial of service (application crash) via vectors involving SVG animation. | ||||
| CVE-2012-6461 | 1 Opera | 1 Opera Browser | 2025-04-11 | N/A |
| The X.509 certificate-validation functionality in the https implementation in Opera before 12.10 allows remote attackers to trigger a false indication of successful revocation-status checking by causing a failure of a single checking service. | ||||
| CVE-2012-6462 | 1 Opera | 1 Opera Browser | 2025-04-11 | N/A |
| Opera before 12.10 does not properly implement the Cross-Origin Resource Sharing (CORS) specification, which allows remote attackers to bypass intended page-content restrictions via a crafted request. | ||||
| CVE-2009-3044 | 1 Opera | 1 Opera Browser | 2025-04-09 | N/A |
| Opera before 10.00 does not properly handle a (1) '\0' character or (2) invalid wildcard character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority. | ||||