Filtered by vendor Opera
Subscribe
Total
311 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2011-0686 | 1 Opera | 1 Opera Browser | 2017-09-18 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in Opera before 11.01 allows remote attackers to cause a denial of service (application crash) via unknown content on a web page, as demonstrated by vkontakte.ru. | |||||
| CVE-2011-0687 | 1 Opera | 1 Opera Browser | 2017-09-18 | 4.3 MEDIUM | N/A |
| Opera before 11.01 does not properly implement Wireless Application Protocol (WAP) dropdown lists, which allows user-assisted remote attackers to cause a denial of service (application crash) via a crafted WAP document. | |||||
| CVE-2011-0681 | 1 Opera | 1 Opera Browser | 2017-09-18 | 4.3 MEDIUM | N/A |
| The Cascading Style Sheets (CSS) Extensions for XML implementation in Opera before 11.01 recognizes links to javascript: URLs in the -o-link property, which makes it easier for remote attackers to bypass CSS filtering via a crafted URL. | |||||
| CVE-2010-4048 | 1 Opera | 1 Opera Browser | 2017-09-18 | 4.3 MEDIUM | N/A |
| Opera before 10.63 allows user-assisted remote web servers to cause a denial of service (application crash) by sending a redirect during the saving of a file. | |||||
| CVE-2010-4044 | 1 Opera | 1 Opera Browser | 2017-09-18 | 4.3 MEDIUM | N/A |
| Opera before 10.63 does not ensure that the portion of a URL shown in the Address Bar contains the beginning of the URL, which allows remote attackers to spoof URLs by changing a window's size. | |||||
| CVE-2010-4050 | 1 Opera | 1 Opera Browser | 2017-09-18 | 4.3 MEDIUM | N/A |
| Opera before 10.63 allows remote attackers to cause a denial of service (memory corruption) by referencing an SVG document in an IMG element. | |||||
| CVE-2010-4047 | 1 Opera | 1 Opera Browser | 2017-09-18 | 4.3 MEDIUM | N/A |
| Opera before 10.63 does not properly select the security context of JavaScript code associated with an error page, which allows user-assisted remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web site. | |||||
| CVE-2010-4049 | 1 Opera | 1 Opera Browser | 2017-09-18 | 4.3 MEDIUM | N/A |
| Opera before 10.63 allows remote attackers to cause a denial of service (application crash) via a Flash movie with a transparent Window Mode (aka wmode) property, which is not properly handled during navigation away from the containing HTML document. | |||||
| CVE-2010-4046 | 1 Opera | 1 Opera Browser | 2017-09-18 | 4.3 MEDIUM | N/A |
| Opera before 10.63 does not properly verify the origin of video content, which allows remote attackers to obtain sensitive information by using a video stream as HTML5 canvas content. | |||||
| CVE-2010-3021 | 1 Opera | 1 Opera Browser | 2017-09-18 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in Opera before 10.61 allows remote attackers to cause a denial of service (CPU consumption and application hang) via an animated PNG image. | |||||
| CVE-2010-4043 | 1 Opera | 1 Opera Browser | 2017-09-18 | 4.3 MEDIUM | N/A |
| Opera before 10.63 does not prevent interpretation of a cross-origin document as a CSS stylesheet when the document lacks a CSS token sequence, which allows remote attackers to obtain sensitive information via a crafted document. | |||||
| CVE-2010-4045 | 1 Opera | 1 Opera Browser | 2017-09-18 | 9.3 HIGH | N/A |
| Opera before 10.63 does not properly restrict web script in unspecified circumstances involving reloads and redirects, which allows remote attackers to spoof the Address Bar, conduct cross-site scripting (XSS) attacks, and possibly execute arbitrary code by leveraging the ability of a script to interact with a web page from (1) a different domain or (2) a different security context. | |||||
| CVE-2010-3020 | 1 Opera | 1 Opera Browser | 2017-09-18 | 5.0 MEDIUM | N/A |
| The news-feed preview feature in Opera before 10.61 does not properly remove scripts, which allows remote attackers to force subscriptions to arbitrary feeds via crafted content. | |||||
| CVE-2010-3019 | 1 Opera | 1 Opera Browser | 2017-09-18 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in Opera before 10.61 allows remote attackers to execute arbitrary code or cause a denial of service (application crash or hang) via vectors related to HTML5 canvas painting operations that occur during the application of transformations. | |||||
| CVE-2009-3046 | 1 Opera | 1 Opera Browser | 2017-09-18 | 5.0 MEDIUM | N/A |
| Opera before 10.00 does not check all intermediate X.509 certificates for revocation, which makes it easier for remote SSL servers to bypass validation of the certificate chain via a revoked certificate. | |||||
| CVE-2009-3044 | 1 Opera | 1 Opera Browser | 2017-09-18 | 5.0 MEDIUM | N/A |
| Opera before 10.00 does not properly handle a (1) '\0' character or (2) invalid wildcard character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority. | |||||
| CVE-2009-3048 | 4 Conectiva, Freebsd, Opera and 1 more | 4 Linux, Freebsd, Opera Browser and 1 more | 2017-09-18 | 4.3 MEDIUM | N/A |
| Opera before 10.00 on Linux, Solaris, and FreeBSD does not properly implement the "INPUT TYPE=file" functionality, which allows remote attackers to trick a user into uploading an unintended file via vectors involving a "dropped file." | |||||
| CVE-2014-0815 | 2 Google, Opera | 2 Android, Opera Browser | 2017-08-28 | 4.3 MEDIUM | N/A |
| The intent: URL implementation in Opera before 18 on Android allows attackers to read local files by leveraging an interaction error, as demonstrated by reading stored cookies. | |||||
| CVE-2012-3562 | 1 Opera | 1 Opera Browser | 2017-08-28 | 4.3 MEDIUM | N/A |
| Opera before 12.00 Beta allows user-assisted remote attackers to cause a denial of service (application crash) via a crafted web page that is not properly handled during a reload, as demonstrated by a "multiple origin camera test" page. | |||||
| CVE-2012-3563 | 1 Opera | 1 Opera Browser | 2017-08-28 | 5.0 MEDIUM | N/A |
| Opera before 12.00 Beta allows remote attackers to cause a denial of service (application crash) via a web page that contains invalid character encodings. | |||||