Search Results (312 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2007-3819 1 Opera 1 Opera Browser 2026-04-23 N/A
Opera 9.21 allows remote attackers to spoof the data: URI scheme in the address bar via a long URI with trailing whitespace, which prevents the beginning of the URI from being displayed.
CVE-2008-7245 1 Opera 1 Opera Browser 2026-04-23 N/A
Opera 9.52 and earlier allows remote attackers to cause a denial of service (unusable browser) by calling the window.print function in a loop, aka a "printing DoS attack," possibly a related issue to CVE-2009-0821.
CVE-2008-1082 1 Opera 1 Opera Browser 2026-04-23 N/A
Opera before 9.26 allows remote attackers to "bypass sanitization filters" and conduct cross-site scripting (XSS) attacks via crafted attribute values in an XML document, which are not properly handled during DOM presentation.
CVE-2008-2716 1 Opera 1 Opera Browser 2026-04-23 N/A
Unspecified vulnerability in Opera before 9.5 allows remote attackers to spoof the contents of trusted frames on the same parent page by modifying the location, which can facilitate phishing attacks.
CVE-2009-3831 2 Microsoft, Opera 2 Windows, Opera Browser 2026-04-23 N/A
Opera before 10.01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted domain name.
CVE-2008-4196 1 Opera 1 Opera Browser 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in Opera before 9.52 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2008-3172 1 Opera 1 Opera 2026-04-23 N/A
Opera allows web sites to set cookies for country-specific top-level domains that have DNS A records, such as co.tv, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session, aka "Cross-Site Cooking."
CVE-2008-4698 1 Opera 1 Opera Browser 2026-04-23 N/A
Opera before 9.61 does not properly block scripts during preview of a news feed, which allows remote attackers to create arbitrary new feed subscriptions and read the contents of arbitrary feeds.
CVE-2008-4795 1 Opera 1 Opera 2026-04-23 N/A
The links panel in Opera before 9.62 processes Javascript within the context of the "outermost page" of a frame, which allows remote attackers to inject arbitrary web script or HTML via cross-site scripting (XSS) attacks.
CVE-2007-2022 3 Adobe, Opera, Redhat 3 Flash Player, Opera Browser, Enterprise Linux 2026-04-23 N/A
Adobe Macromedia Flash Player 7 and 9, when used with Opera before 9.20 or Konqueror before 20070613, allows remote attackers to obtain sensitive information (browser keystrokes), which are leaked to the Flash Player applet.
CVE-2007-3929 1 Opera 1 Opera Browser 2026-04-23 N/A
Use-after-free vulnerability in the BitTorrent support in Opera before 9.22 allows user-assisted remote attackers to execute arbitrary code via a crafted header in a torrent file, which leaves a dangling pointer to an invalid object.
CVE-2007-6520 1 Opera 1 Opera Browser 2026-04-23 N/A
Opera before 9.25 allows remote attackers to conduct cross-domain scripting attacks via unknown vectors related to plug-ins.
CVE-2008-1761 1 Opera 1 Opera 2026-04-23 N/A
Opera before 9.27 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted newsfeed source, which triggers an invalid memory access.
CVE-2008-5679 1 Opera 1 Opera 2026-04-23 N/A
The HTML parsing engine in Opera before 9.63 allows remote attackers to execute arbitrary code via crafted web pages that trigger an invalid pointer calculation and heap corruption.
CVE-2008-4199 1 Opera 1 Opera Browser 2026-04-23 N/A
Opera before 9.52 does not prevent use of links from web pages to feed source files on the local disk, which might allow remote attackers to determine the validity of local filenames via vectors involving "detection of JavaScript events and appropriate manipulation."
CVE-2007-0127 1 Opera 1 Opera Browser 2026-04-23 N/A
The Javascript SVG support in Opera before 9.10 does not properly validate object types in a createSVGTransformFromMatrix request, which allows remote attackers to execute arbitrary code via JavaScript code that uses an invalid object in this request that causes a controlled pointer to be referenced during the virtual function call.
CVE-2007-2274 1 Opera 1 Opera Browser 2026-04-23 N/A
The BitTorrent implementation in Opera 9.2 allows remote attackers to cause a denial of service (CPU consumption and application crash) via a malformed torrent file. NOTE: the original disclosure refers to this as a memory leak, but it is not certain.
CVE-2008-5682 1 Opera 1 Opera Browser 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in Opera before 9.63 allows remote attackers to inject arbitrary web script or HTML via built-in XSLT templates.
CVE-2007-1115 1 Opera 1 Opera Browser 2026-04-23 N/A
The child frames in Opera 9 before 9.20 inherit the default charset from the parent window when a charset is not specified in an HTTP Content-Type header or META tag, which allows remote attackers to conduct cross-site scripting (XSS) attacks, as demonstrated using the UTF-7 character set.
CVE-2007-5540 1 Opera 1 Opera Browser 2026-04-23 N/A
Unspecified vulnerability in Opera before 9.24 allows remote attackers to overwrite functions on pages from other domains and bypass the same-origin policy via unknown vectors.