Filtered by vendor Opera
Subscribe
Search
Total
286 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2011-2615 | 1 Opera | 1 Opera Browser | 2011-07-11 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in Opera before 11.50 allows remote attackers to cause a denial of service (application hang) via unknown content on a web page, as demonstrated by domiteca.com. | |||||
| CVE-2011-2614 | 1 Opera | 1 Opera Browser | 2011-07-11 | 5.0 MEDIUM | N/A |
| The SVG implementation in Opera before 11.50 allows remote attackers to cause a denial of service (application crash) via vectors involving a path on which many characters are drawn. | |||||
| CVE-2011-2622 | 1 Opera | 1 Opera Browser | 2011-07-08 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the Web Workers implementation in Opera before 11.50 allows remote attackers to cause a denial of service (application crash) via unknown vectors. | |||||
| CVE-2011-2633 | 1 Opera | 1 Opera Browser | 2011-07-08 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in Opera before 11.11 allows remote attackers to cause a denial of service (application crash) via vectors involving a Certificate Revocation List (CRL) file, as demonstrated by the multicert-ca-02.crl file. | |||||
| CVE-2011-2634 | 1 Opera | 1 Opera Browser | 2011-07-08 | 5.0 MEDIUM | N/A |
| Opera before 11.10 allows remote attackers to hijack (1) searches and (2) customizations via unspecified third party applications. | |||||
| CVE-2011-2626 | 1 Opera | 1 Opera Browser | 2011-07-08 | 5.0 MEDIUM | N/A |
| Opera before 11.50 allows remote attackers to cause a denial of service (application crash) by using "injected script" to set the SRC attribute of an IFRAME element. | |||||
| CVE-2011-2625 | 1 Opera | 1 Opera Browser | 2011-07-08 | 5.0 MEDIUM | N/A |
| Opera before 11.50 allows remote attackers to cause a denial of service (application crash) via a SELECT element that contains many OPTION elements. | |||||
| CVE-2011-2624 | 1 Opera | 1 Opera Browser | 2011-07-08 | 4.3 MEDIUM | N/A |
| Opera before 11.50 allows user-assisted remote attackers to cause a denial of service (application hang) via a large table, which is not properly handled during a print preview. | |||||
| CVE-2011-2623 | 1 Opera | 1 Opera Browser | 2011-07-08 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the SVG BiDi implementation in Opera before 11.50 allows remote attackers to cause a denial of service (application crash or hang) via unknown vectors. | |||||
| CVE-2007-1563 | 1 Opera | 1 Opera Browser | 2011-07-08 | 6.8 MEDIUM | N/A |
| The FTP protocol implementation in Opera 9.10 allows remote attackers to allows remote servers to force the client to connect to other servers, perform a proxied port scan, or obtain sensitive information by specifying an alternate server address in an FTP PASV response. | |||||
| CVE-2011-2630 | 1 Opera | 1 Opera Browser | 2011-07-08 | 4.3 MEDIUM | N/A |
| Opera before 11.11 allows user-assisted remote attackers to cause a denial of service (application crash) via a crafted web page that is not properly handled during a reload occurring after the opening of a popup of the Easy Sticky Note extension. | |||||
| CVE-2011-2629 | 1 Opera | 1 Opera Browser | 2011-07-08 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in Opera before 11.11 allows remote attackers to cause a denial of service (application crash) via unknown content on a web page, as demonstrated by www.falk.de. | |||||
| CVE-2011-2631 | 1 Opera | 1 Opera Browser | 2011-07-08 | 5.0 MEDIUM | N/A |
| The Cascading Style Sheets (CSS) implementation in Opera before 11.11 does not properly handle the column-count property, which allows remote attackers to cause a denial of service (infinite repaint loop and application hang) via a web page, as demonstrated by an unspecified Wikipedia page. | |||||
| CVE-2011-2627 | 1 Opera | 1 Opera Browser | 2011-07-08 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the DOM implementation in Opera before 11.50 allows remote attackers to cause a denial of service (application crash) via unknown content on a web page, as demonstrated by live.com. | |||||
| CVE-2011-2632 | 1 Opera | 1 Opera Browser | 2011-07-08 | 5.0 MEDIUM | N/A |
| Opera before 11.11 does not properly handle destruction of a Silverlight instance, which allows remote attackers to cause a denial of service (application crash) via a web page, as demonstrated by vod.onet.pl. | |||||
| CVE-2011-2637 | 1 Opera | 1 Opera Browser | 2011-07-06 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in Opera before 11.10 allows remote attackers to cause a denial of service (application crash) via unknown content on a web page, as demonstrated by futura-sciences.com, seoptimise.com, and mitosyfraudes.org. | |||||
| CVE-2011-2636 | 1 Opera | 1 Opera Browser | 2011-07-06 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in Opera before 11.10 allows remote attackers to cause a denial of service (application crash) via unknown content on a web page, as demonstrated by a certain Tomato Firmware page. | |||||
| CVE-2011-2638 | 1 Opera | 1 Opera Browser | 2011-07-06 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in Opera before 11.10 allows remote attackers to cause a denial of service (application crash) via unknown content on a web page, as demonstrated by games on zylom.com. | |||||
| CVE-2011-2635 | 1 Opera | 1 Opera Browser | 2011-07-06 | 5.0 MEDIUM | N/A |
| The Cascading Style Sheets (CSS) implementation in Opera before 11.10 allows remote attackers to cause a denial of service (application crash) via vectors involving use of the :hover pseudo-class, in conjunction with transforms, for a floated element. | |||||
| CVE-2011-2641 | 1 Opera | 1 Opera Browser | 2011-07-05 | 5.0 MEDIUM | N/A |
| Opera 11.11 allows remote attackers to cause a denial of service (application crash) by setting the FACE attribute of a FONT element within an IFRAME element after changing the SRC attribute of this IFRAME element to an about:blank value. | |||||
| CVE-2011-2639 | 1 Opera | 1 Opera Browser | 2011-07-05 | 5.0 MEDIUM | N/A |
| Opera before 11.10 does not properly handle hidden animated GIF images, which allows remote attackers to cause a denial of service (CPU consumption) via an image file that triggers continual repaints. | |||||
| CVE-2007-0127 | 1 Opera | 1 Opera Browser | 2011-03-07 | 9.3 HIGH | N/A |
| The Javascript SVG support in Opera before 9.10 does not properly validate object types in a createSVGTransformFromMatrix request, which allows remote attackers to execute arbitrary code via JavaScript code that uses an invalid object in this request that causes a controlled pointer to be referenced during the virtual function call. | |||||
| CVE-2008-4196 | 1 Opera | 1 Opera Browser | 2011-02-01 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Opera before 9.52 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2010-4585 | 1 Opera | 1 Opera Browser | 2011-01-22 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the auto-update functionality in Opera before 11.00 allows remote attackers to cause a denial of service (application crash) by triggering an Opera Unite update. | |||||
| CVE-2010-4579 | 1 Opera | 1 Opera Browser | 2011-01-22 | 5.0 MEDIUM | N/A |
| Opera before 11.00 does not properly constrain dialogs to appear on top of rendered documents, which makes it easier for remote attackers to trick users into interacting with a crafted web site that spoofs the (1) security information dialog or (2) download dialog. | |||||
| CVE-2010-4586 | 1 Opera | 1 Opera Browser | 2011-01-22 | 10.0 HIGH | N/A |
| The default configuration of Opera before 11.00 enables WebSockets functionality, which has unspecified impact and remote attack vectors, possibly a related issue to CVE-2010-4508. | |||||
| CVE-2010-4584 | 1 Opera | 1 Opera Browser | 2011-01-22 | 2.6 LOW | N/A |
| Opera before 11.00, when Opera Turbo is used, does not properly present information about problematic X.509 certificates on https web sites, which might make it easier for remote attackers to spoof trusted content via a crafted web site. | |||||
| CVE-2010-4583 | 1 Opera | 1 Opera Browser | 2011-01-22 | 2.6 LOW | N/A |
| Opera before 11.00, when Opera Turbo is enabled, does not display a page's security indication, which makes it easier for remote attackers to spoof trusted content via a crafted web site. | |||||
| CVE-2010-4582 | 1 Opera | 1 Opera Browser | 2011-01-22 | 5.0 MEDIUM | N/A |
| Opera before 11.00 does not properly handle security policies during updates to extensions, which might allow remote attackers to bypass intended access restrictions via unspecified vectors. | |||||
| CVE-2010-4581 | 1 Opera | 1 Opera Browser | 2011-01-22 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Opera before 11.00 has unknown impact and attack vectors, related to "a high severity issue." | |||||
| CVE-2010-4580 | 1 Opera | 1 Opera Browser | 2011-01-22 | 5.0 MEDIUM | N/A |
| Opera before 11.00 does not clear WAP WML form fields after manual navigation to a new web site, which allows remote attackers to obtain sensitive information via an input field that has the same name as an input field on a previously visited web site. | |||||
| CVE-2010-4587 | 2 Microsoft, Opera | 2 Windows, Opera Browser | 2011-01-12 | 9.3 HIGH | N/A |
| Opera before 11.00 on Windows does not properly implement the Insecure Third Party Module warning message, which might make it easier for user-assisted remote attackers to have an unspecified impact via a crafted module. | |||||
| CVE-2010-0653 | 1 Opera | 1 Opera Browser | 2010-09-21 | 4.3 MEDIUM | N/A |
| Opera before 10.10 permits cross-origin loading of CSS stylesheets even when the stylesheet download has an incorrect MIME type and the stylesheet document is malformed, which allows remote attackers to obtain sensitive information via a crafted document. | |||||
| CVE-2010-1310 | 1 Opera | 1 Opera Browser | 2010-04-09 | 5.0 MEDIUM | N/A |
| Opera 10.50 allows remote attackers to obtain sensitive information via crafted XSLT constructs, which cause Opera to return cached contents of other pages. | |||||
| CVE-2003-1561 | 1 Opera | 1 Opera | 2009-01-29 | 4.3 MEDIUM | N/A |
| Opera, probably before 7.50, sends Referer headers containing https:// URLs in requests for http:// URLs, which allows remote attackers to obtain potentially sensitive information by reading Referer log data. | |||||
| CVE-2007-4944 | 1 Opera | 1 Opera Browser | 2008-11-15 | 5.0 MEDIUM | N/A |
| The canvas.createPattern function in Opera 9.x before 9.22 for Linux, FreeBSD, and Solaris does not clear memory before using it to process a new pattern, which allows remote attackers to obtain sensitive information (memory contents) via JavaScript. | |||||