Filtered by vendor Opera
Subscriptions
Filtered by product Opera Browser
Subscriptions
Total
285 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-4694 | 1 Opera | 1 Opera Browser | 2025-04-09 | N/A |
| Unspecified vulnerability in Opera before 9.60 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a redirect that specifies a crafted URL. | ||||
| CVE-2009-1234 | 1 Opera | 1 Opera Browser | 2025-04-09 | N/A |
| Opera 9.64 allows remote attackers to cause a denial of service (application crash) via an XML document containing a long series of start-tags with no corresponding end-tags. NOTE: it was later reported that 9.52 is also affected. | ||||
| CVE-2008-4725 | 1 Opera | 1 Opera Browser | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in Opera.dll in Opera 9.52 allows remote attackers to inject arbitrary web script or HTML via the query string, which is not properly escaped before storage in the History Search database (aka md.dat), a different vector than CVE-2008-4696. NOTE: some of these issues were addressed before 9.60. | ||||
| CVE-2008-7245 | 1 Opera | 1 Opera Browser | 2025-04-09 | N/A |
| Opera 9.52 and earlier allows remote attackers to cause a denial of service (unusable browser) by calling the window.print function in a loop, aka a "printing DoS attack," possibly a related issue to CVE-2009-0821. | ||||
| CVE-2007-6523 | 1 Opera | 1 Opera Browser | 2025-04-09 | N/A |
| Algorithmic complexity vulnerability in Opera 9.50 beta and 9.x before 9.25 allows remote attackers to cause a denial of service (CPU consumption) via a crafted bitmap (BMP) file that triggers a large number of calculations and checks. | ||||
| CVE-2008-4197 | 5 Freebsd, Linux, Microsoft and 2 more | 5 Freebsd, Linux Kernel, Windows and 2 more | 2025-04-09 | 8.8 High |
| Opera before 9.52 on Windows, Linux, FreeBSD, and Solaris, when processing custom shortcut and menu commands, can produce argument strings that contain uninitialized memory, which might allow user-assisted remote attackers to execute arbitrary code or conduct other attacks via vectors related to activation of a shortcut. | ||||
| CVE-2007-6520 | 1 Opera | 1 Opera Browser | 2025-04-09 | N/A |
| Opera before 9.25 allows remote attackers to conduct cross-domain scripting attacks via unknown vectors related to plug-ins. | ||||
| CVE-2009-3013 | 1 Opera | 1 Opera Browser | 2025-04-09 | N/A |
| Opera 9.52 and earlier, and 10.00 Beta 3 Build 1699, does not properly block data: URIs in Location headers in HTTP responses, which allows remote attackers to conduct cross-site scripting (XSS) attacks via vectors related to (1) injecting a Location header that contains JavaScript sequences in a data:text/html URI or (2) entering a data:text/html URI with JavaScript sequences when specifying the content of a Location header. NOTE: the JavaScript executes outside of the context of the HTTP site. | ||||
| CVE-2009-3046 | 1 Opera | 1 Opera Browser | 2025-04-09 | 7.5 High |
| Opera before 10.00 does not check all intermediate X.509 certificates for revocation, which makes it easier for remote SSL servers to bypass validation of the certificate chain via a revoked certificate. | ||||
| CVE-2009-3266 | 1 Opera | 1 Opera Browser | 2025-04-09 | N/A |
| Opera before 10.01 does not properly restrict HTML in a (1) RSS or (2) Atom feed, which allows remote attackers to conduct cross-site scripting (XSS) attacks, and conduct cross-zone scripting attacks involving the Feed Subscription Page to read feeds or create feed subscriptions, via a crafted feed, related to the rendering of the application/rss+xml content type as "scripted content." | ||||
| CVE-2007-6521 | 1 Opera | 1 Opera Browser | 2025-04-09 | N/A |
| Unspecified vulnerability in Opera before 9.25 allows remote attackers to execute arbitrary code via crafted TLS certificates. | ||||
| CVE-2008-1081 | 1 Opera | 1 Opera Browser | 2025-04-09 | N/A |
| Opera before 9.26 allows user-assisted remote attackers to execute arbitrary script via images that contain custom comments, which are treated as script when the user displays the image properties. | ||||
| CVE-2008-3078 | 1 Opera | 1 Opera Browser | 2025-04-09 | N/A |
| Opera before 9.51 does not properly manage memory within functions supporting the CANVAS element, which allows remote attackers to read uninitialized memory contents by using JavaScript to read a canvas image. | ||||
| CVE-2008-5683 | 1 Opera | 1 Opera Browser | 2025-04-09 | N/A |
| Unspecified vulnerability in Opera before 9.63 allows remote attackers to "reveal random data" via unknown vectors. | ||||
| CVE-2007-5476 | 3 Adobe, Apple, Opera | 3 Flash Player, Mac Os X, Opera Browser | 2025-04-09 | N/A |
| Unspecified vulnerability in Adobe Flash Player 9.0.47.0 and earlier, when running on Opera before 9.24 on Mac OS X, has unknown "Highly Severe" impact and unknown attack vectors. | ||||
| CVE-2007-5540 | 1 Opera | 1 Opera Browser | 2025-04-09 | N/A |
| Unspecified vulnerability in Opera before 9.24 allows remote attackers to overwrite functions on pages from other domains and bypass the same-origin policy via unknown vectors. | ||||
| CVE-2007-0126 | 1 Opera | 1 Opera Browser | 2025-04-09 | N/A |
| Heap-based buffer overflow in Opera 9.02 allows remote attackers to execute arbitrary code via a JPEG file with an invalid number of index bytes in the Define Huffman Table (DHT) marker. | ||||
| CVE-2007-0127 | 1 Opera | 1 Opera Browser | 2025-04-09 | N/A |
| The Javascript SVG support in Opera before 9.10 does not properly validate object types in a createSVGTransformFromMatrix request, which allows remote attackers to execute arbitrary code via JavaScript code that uses an invalid object in this request that causes a controlled pointer to be referenced during the virtual function call. | ||||
| CVE-2007-6522 | 1 Opera | 1 Opera Browser | 2025-04-09 | N/A |
| The rich text editing functionality in Opera before 9.25 allows remote attackers to conduct cross-domain scripting attacks by using designMode to modify contents of pages in other domains. | ||||
| CVE-2007-2809 | 1 Opera | 1 Opera Browser | 2025-04-09 | N/A |
| Buffer overflow in the transfer manager in Opera before 9.21 for Windows allows user-assisted remote attackers to execute arbitrary code via a crafted torrent file. NOTE: due to the lack of details, it is not clear if this is the same issue as CVE-2007-2274. | ||||