Filtered by vendor Opera
Subscriptions
Filtered by product Opera Browser
Subscriptions
Total
285 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2011-4681 | 1 Opera | 1 Opera Browser | 2024-09-16 | N/A |
Opera before 11.60 does not properly consider the number of . (dot) characters that conventionally exist in domain names of different top-level domains, which allows remote attackers to bypass the Same Origin Policy by leveraging access to a different domain name in the same top-level domain, as demonstrated by the .no or .uk domain. | ||||
CVE-2012-3559 | 2 Apple, Opera | 2 Mac Os X, Opera Browser | 2024-09-16 | N/A |
Unspecified vulnerability in Opera before 12.00 on Mac OS X has unknown impact and attack vectors, related to a "moderate severity issue." | ||||
CVE-2012-6465 | 1 Opera | 1 Opera Browser | 2024-09-16 | N/A |
Opera before 12.10 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a malformed SVG image. | ||||
CVE-2011-2616 | 1 Opera | 1 Opera Browser | 2024-09-16 | N/A |
Unspecified vulnerability in Opera before 11.50 allows remote attackers to cause a denial of service (memory consumption) via unknown content on a web page, as demonstrated by test262.ecmascript.org. | ||||
CVE-2010-5068 | 1 Opera | 1 Opera Browser | 2024-09-16 | N/A |
The Cascading Style Sheets (CSS) implementation in Opera 10.5 does not properly handle the :visited pseudo-class, which allows remote attackers to obtain sensitive information about visited web pages via a crafted HTML document, a related issue to CVE-2010-2264. | ||||
CVE-2011-2629 | 1 Opera | 1 Opera Browser | 2024-09-16 | N/A |
Unspecified vulnerability in Opera before 11.11 allows remote attackers to cause a denial of service (application crash) via unknown content on a web page, as demonstrated by www.falk.de. | ||||
CVE-2010-1310 | 1 Opera | 1 Opera Browser | 2024-09-16 | N/A |
Opera 10.50 allows remote attackers to obtain sensitive information via crafted XSLT constructs, which cause Opera to return cached contents of other pages. | ||||
CVE-2011-2639 | 1 Opera | 1 Opera Browser | 2024-09-16 | N/A |
Opera before 11.10 does not properly handle hidden animated GIF images, which allows remote attackers to cause a denial of service (CPU consumption) via an image file that triggers continual repaints. | ||||
CVE-2012-4144 | 4 Apple, Linux, Microsoft and 1 more | 4 Mac Os X, Linux Kernel, Windows and 1 more | 2024-09-16 | N/A |
Opera before 12.01 on Windows and UNIX, and before 11.66 and 12.x before 12.01 on Mac OS X, does not properly escape characters in DOM elements, which makes it easier for remote attackers to bypass cross-site scripting (XSS) protection mechanisms via a crafted HTML document. | ||||
CVE-2014-1870 | 2 Apple, Opera | 2 Mac Os X, Opera Browser | 2024-09-16 | N/A |
Opera before 19 on Mac OS X allows user-assisted remote attackers to spoof the address bar via vectors involving a drag-and-drop operation. | ||||
CVE-2011-2618 | 1 Opera | 1 Opera Browser | 2024-09-16 | N/A |
Opera before 11.50 allows remote attackers to cause a denial of service (application crash) via web script that moves a (1) AUDIO element or (2) VIDEO element between windows. | ||||
CVE-2012-6470 | 1 Opera | 1 Opera Browser | 2024-09-16 | N/A |
Opera before 12.12 does not properly allocate memory for GIF images, which allows remote attackers to execute arbitrary code or cause a denial of service (memory overwrite) via a malformed image. | ||||
CVE-2011-2637 | 1 Opera | 1 Opera Browser | 2024-09-16 | N/A |
Unspecified vulnerability in Opera before 11.10 allows remote attackers to cause a denial of service (application crash) via unknown content on a web page, as demonstrated by futura-sciences.com, seoptimise.com, and mitosyfraudes.org. | ||||
CVE-2003-1420 | 1 Opera | 1 Opera Browser | 2024-08-08 | N/A |
Cross-site scripting (XSS) vulnerability in Opera 6.0 through 7.0 with automatic redirection disabled allows remote attackers to inject arbitrary web script or HTML via the HTTP Location header. | ||||
CVE-2003-1388 | 1 Opera | 1 Opera Browser | 2024-08-08 | N/A |
Buffer overflow in Opera 7.02 Build 2668 allows remote attackers to crash Opera via a long HTTP request ending in a .ZIP extension. | ||||
CVE-2003-1387 | 1 Opera | 1 Opera Browser | 2024-08-08 | N/A |
Buffer overflow in Opera 6.05 and 6.06, and possibly other versions, allows remote attackers to execute arbitrary code via a URL with a long username. | ||||
CVE-2003-1396 | 1 Opera | 1 Opera Browser | 2024-08-08 | N/A |
Heap-based buffer overflow in Opera 6.05 through 7.10 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a filename with a long extension. | ||||
CVE-2003-1397 | 1 Opera | 1 Opera Browser | 2024-08-08 | N/A |
The PluginContext object of Opera 6.05 and 7.0 allows remote attackers to cause a denial of service (crash) via an HTTP request containing a long string that gets passed to the ShowDocument method. | ||||
CVE-2003-0870 | 1 Opera | 1 Opera Browser | 2024-08-08 | N/A |
Heap-based buffer overflow in Opera 7.11 and 7.20 allows remote attackers to execute arbitrary code via an HREF with a large number of escaped characters in the server name. | ||||
CVE-2003-0593 | 1 Opera | 1 Opera Browser | 2024-08-08 | N/A |
Opera allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Opera to send the cookie outside the specified URL subsets, e.g. to a vulnerable application that runs on the same server as the target application. |