Filtered by vendor Opera
Subscriptions
Filtered by product Opera Browser
Subscriptions
Total
285 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2012-1928 | 1 Opera | 1 Opera Browser | 2025-04-11 | N/A |
| Opera before 11.62 allows remote attackers to spoof the address field by triggering a page reload followed by a redirect to a different domain. | ||||
| CVE-2010-1310 | 1 Opera | 1 Opera Browser | 2025-04-11 | N/A |
| Opera 10.50 allows remote attackers to obtain sensitive information via crafted XSLT constructs, which cause Opera to return cached contents of other pages. | ||||
| CVE-2010-1989 | 1 Opera | 1 Opera Browser | 2025-04-11 | N/A |
| Opera 9.52 executes a mail application in situations where an IMG element has a SRC attribute that is a redirect to a mailto: URL, which allows remote attackers to cause a denial of service (excessive application launches) via an HTML document with many images, a related issue to CVE-2010-0181. | ||||
| CVE-2010-2661 | 4 Apple, Microsoft, Opera and 1 more | 4 Mac Os X, Windows, Opera Browser and 1 more | 2025-04-11 | N/A |
| Opera before 10.54 on Windows and Mac OS X, and before 10.60 on UNIX platforms, does not properly restrict access to the full pathname of a file selected for upload, which allows remote attackers to obtain potentially sensitive information via unspecified DOM manipulations. | ||||
| CVE-2010-2665 | 4 Apple, Microsoft, Opera and 1 more | 4 Mac Os X, Windows, Opera Browser and 1 more | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in Opera before 10.54 on Windows and Mac OS X, and before 10.11 on UNIX platforms, allows remote attackers to inject arbitrary web script or HTML via a data: URI, related to incorrect detection of the "opening site." | ||||
| CVE-2010-4043 | 1 Opera | 1 Opera Browser | 2025-04-11 | N/A |
| Opera before 10.63 does not prevent interpretation of a cross-origin document as a CSS stylesheet when the document lacks a CSS token sequence, which allows remote attackers to obtain sensitive information via a crafted document. | ||||
| CVE-2010-4582 | 1 Opera | 1 Opera Browser | 2025-04-11 | N/A |
| Opera before 11.00 does not properly handle security policies during updates to extensions, which might allow remote attackers to bypass intended access restrictions via unspecified vectors. | ||||
| CVE-2010-4583 | 1 Opera | 1 Opera Browser | 2025-04-11 | N/A |
| Opera before 11.00, when Opera Turbo is enabled, does not display a page's security indication, which makes it easier for remote attackers to spoof trusted content via a crafted web site. | ||||
| CVE-2011-0687 | 1 Opera | 1 Opera Browser | 2025-04-11 | N/A |
| Opera before 11.01 does not properly implement Wireless Application Protocol (WAP) dropdown lists, which allows user-assisted remote attackers to cause a denial of service (application crash) via a crafted WAP document. | ||||
| CVE-2011-2614 | 1 Opera | 1 Opera Browser | 2025-04-11 | N/A |
| The SVG implementation in Opera before 11.50 allows remote attackers to cause a denial of service (application crash) via vectors involving a path on which many characters are drawn. | ||||
| CVE-2011-2620 | 1 Opera | 1 Opera Browser | 2025-04-11 | N/A |
| Unspecified vulnerability in Opera before 11.50 allows remote attackers to cause a denial of service (application crash) via vectors involving SVG animation. | ||||
| CVE-2011-2626 | 1 Opera | 1 Opera Browser | 2025-04-11 | N/A |
| Opera before 11.50 allows remote attackers to cause a denial of service (application crash) by using "injected script" to set the SRC attribute of an IFRAME element. | ||||
| CVE-2011-2630 | 1 Opera | 1 Opera Browser | 2025-04-11 | N/A |
| Opera before 11.11 allows user-assisted remote attackers to cause a denial of service (application crash) via a crafted web page that is not properly handled during a reload occurring after the opening of a popup of the Easy Sticky Note extension. | ||||
| CVE-2011-2631 | 1 Opera | 1 Opera Browser | 2025-04-11 | N/A |
| The Cascading Style Sheets (CSS) implementation in Opera before 11.11 does not properly handle the column-count property, which allows remote attackers to cause a denial of service (infinite repaint loop and application hang) via a web page, as demonstrated by an unspecified Wikipedia page. | ||||
| CVE-2011-2633 | 1 Opera | 1 Opera Browser | 2025-04-11 | N/A |
| Unspecified vulnerability in Opera before 11.11 allows remote attackers to cause a denial of service (application crash) via vectors involving a Certificate Revocation List (CRL) file, as demonstrated by the multicert-ca-02.crl file. | ||||
| CVE-2011-2635 | 1 Opera | 1 Opera Browser | 2025-04-11 | N/A |
| The Cascading Style Sheets (CSS) implementation in Opera before 11.10 allows remote attackers to cause a denial of service (application crash) via vectors involving use of the :hover pseudo-class, in conjunction with transforms, for a floated element. | ||||
| CVE-2011-2640 | 1 Opera | 1 Opera Browser | 2025-04-11 | N/A |
| Opera before 11.10 allows remote attackers to cause a denial of service (application crash) via an HTML document that has an empty parameter value for an embedded Java applet. | ||||
| CVE-2011-4681 | 1 Opera | 1 Opera Browser | 2025-04-11 | N/A |
| Opera before 11.60 does not properly consider the number of . (dot) characters that conventionally exist in domain names of different top-level domains, which allows remote attackers to bypass the Same Origin Policy by leveraging access to a different domain name in the same top-level domain, as demonstrated by the .no or .uk domain. | ||||
| CVE-2012-1926 | 1 Opera | 1 Opera Browser | 2025-04-11 | N/A |
| Opera before 11.62 allows remote attackers to bypass the Same Origin Policy via the (1) history.pushState and (2) history.replaceState functions in conjunction with cross-domain frames, leading to unintended read access to history.state information. | ||||
| CVE-2012-3562 | 1 Opera | 1 Opera Browser | 2025-04-11 | N/A |
| Opera before 12.00 Beta allows user-assisted remote attackers to cause a denial of service (application crash) via a crafted web page that is not properly handled during a reload, as demonstrated by a "multiple origin camera test" page. | ||||