Filtered by vendor Opera
Subscriptions
Total
312 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2010-4048 | 1 Opera | 1 Opera Browser | 2025-04-11 | N/A |
| Opera before 10.63 allows user-assisted remote web servers to cause a denial of service (application crash) by sending a redirect during the saving of a file. | ||||
| CVE-2010-4050 | 1 Opera | 1 Opera Browser | 2025-04-11 | N/A |
| Opera before 10.63 allows remote attackers to cause a denial of service (memory corruption) by referencing an SVG document in an IMG element. | ||||
| CVE-2010-2121 | 1 Opera | 1 Opera Browser | 2025-04-11 | N/A |
| Opera 9.52 allows remote attackers to cause a denial of service (resource consumption) via JavaScript code containing an infinite loop that creates IFRAME elements for invalid (1) news:// or (2) nntp:// URIs. | ||||
| CVE-2012-3565 | 1 Opera | 1 Opera Browser | 2025-04-11 | N/A |
| Opera before 12.00 Beta allows remote attackers to cause a denial of service (application crash) via crafted characters in domain names, as demonstrated by "IDNA2008 tests." | ||||
| CVE-2011-0681 | 1 Opera | 1 Opera Browser | 2025-04-11 | N/A |
| The Cascading Style Sheets (CSS) Extensions for XML implementation in Opera before 11.01 recognizes links to javascript: URLs in the -o-link property, which makes it easier for remote attackers to bypass CSS filtering via a crafted URL. | ||||
| CVE-2010-4585 | 1 Opera | 1 Opera Browser | 2025-04-11 | N/A |
| Unspecified vulnerability in the auto-update functionality in Opera before 11.00 allows remote attackers to cause a denial of service (application crash) by triggering an Opera Unite update. | ||||
| CVE-2011-0684 | 1 Opera | 1 Opera Browser | 2025-04-11 | N/A |
| Opera before 11.01 does not properly handle redirections and unspecified other HTTP responses, which allows remote web servers to obtain sufficient access to local files to use these files as page resources, and consequently obtain potentially sensitive information from the contents of the files, via an unknown response manipulation. | ||||
| CVE-2012-4143 | 4 Apple, Linux, Microsoft and 1 more | 4 Mac Os X, Linux Kernel, Windows and 1 more | 2025-04-11 | N/A |
| Opera before 12.01 on Windows and UNIX, and before 11.66 and 12.x before 12.01 on Mac OS X, allows user-assisted remote attackers to trick users into downloading and executing arbitrary files via a small window for the download dialog, a different vulnerability than CVE-2012-1924. | ||||
| CVE-2012-6466 | 1 Opera | 1 Opera Browser | 2025-04-11 | N/A |
| Opera before 12.10 does not properly handle incorrect size data in a WebP image, which allows remote attackers to obtain potentially sensitive information from process memory by using a crafted image as the fill pattern for a canvas. | ||||
| CVE-2010-5072 | 1 Opera | 1 Opera Browser | 2025-04-11 | N/A |
| The JavaScript implementation in Opera 10.5 does not properly restrict the set of values contained in the object returned by the getComputedStyle method, which allows remote attackers to obtain sensitive information about visited web pages by calling this method. | ||||
| CVE-2010-4580 | 1 Opera | 1 Opera Browser | 2025-04-11 | N/A |
| Opera before 11.00 does not clear WAP WML form fields after manual navigation to a new web site, which allows remote attackers to obtain sensitive information via an input field that has the same name as an input field on a previously visited web site. | ||||
| CVE-2010-3019 | 1 Opera | 1 Opera Browser | 2025-04-11 | N/A |
| Heap-based buffer overflow in Opera before 10.61 allows remote attackers to execute arbitrary code or cause a denial of service (application crash or hang) via vectors related to HTML5 canvas painting operations that occur during the application of transformations. | ||||
| CVE-2010-2658 | 1 Opera | 1 Opera Browser | 2025-04-11 | N/A |
| Opera before 10.60 does not properly restrict certain interaction between plug-ins, file inputs, and the clipboard, which allows user-assisted remote attackers to trigger the uploading of arbitrary files via a crafted web site. | ||||
| CVE-2012-3555 | 1 Opera | 1 Opera Browser | 2025-04-11 | N/A |
| Opera before 11.65 does not ensure that keyboard sequences are associated with a visible window, which makes it easier for user-assisted remote attackers to conduct cross-site scripting (XSS) attacks or execute arbitrary code via a crafted web site, related to a "hidden keyboard navigation" issue. | ||||
| CVE-2010-2659 | 4 Apple, Microsoft, Opera and 1 more | 4 Mac Os X, Windows, Opera Browser and 1 more | 2025-04-11 | N/A |
| Opera before 10.50 on Windows, before 10.52 on Mac OS X, and before 10.60 on UNIX platforms makes widget properties accessible to third-party domains, which allows remote attackers to obtain potentially sensitive information via a crafted web site. | ||||
| CVE-2010-3020 | 1 Opera | 1 Opera Browser | 2025-04-11 | N/A |
| The news-feed preview feature in Opera before 10.61 does not properly remove scripts, which allows remote attackers to force subscriptions to arbitrary feeds via crafted content. | ||||
| CVE-2010-2661 | 4 Apple, Microsoft, Opera and 1 more | 4 Mac Os X, Windows, Opera Browser and 1 more | 2025-04-11 | N/A |
| Opera before 10.54 on Windows and Mac OS X, and before 10.60 on UNIX platforms, does not properly restrict access to the full pathname of a file selected for upload, which allows remote attackers to obtain potentially sensitive information via unspecified DOM manipulations. | ||||
| CVE-2010-2662 | 1 Opera | 1 Opera Browser | 2025-04-11 | N/A |
| Opera before 10.60 allows remote attackers to bypass the popup blocker via a javascript: URL and a "fake click." | ||||
| CVE-2014-0815 | 2 Google, Opera | 2 Android, Opera Browser | 2025-04-11 | N/A |
| The intent: URL implementation in Opera before 18 on Android allows attackers to read local files by leveraging an interaction error, as demonstrated by reading stored cookies. | ||||
| CVE-2010-1989 | 1 Opera | 1 Opera Browser | 2025-04-11 | N/A |
| Opera 9.52 executes a mail application in situations where an IMG element has a SRC attribute that is a redirect to a mailto: URL, which allows remote attackers to cause a denial of service (excessive application launches) via an HTML document with many images, a related issue to CVE-2010-0181. | ||||