4486 matches found
Design/Logic Flaw
Opera for Android before 54.0.2669.49432 is vulnerable to a sandboxed cross-origin iframe bypass attack. By using a service working inside a sandboxed iframe it is possible to bypass the normal sandboxing attributes. This allows an attacker to make forced redirections without any user interaction...
CVE-2019-19788
Opera for Android before 54.0.2669.49432 is vulnerable to a sandboxed cross-origin iframe bypass attack. By using a service working inside a sandboxed iframe it is possible to bypass the normal sandboxing attributes. This allows an attacker to make forced redirections without any user interaction...
CVE-2019-19788
Opera for Android up to version 54.0.2669.49432 is vulnerable to a sandboxed cross-origin iframe bypass. The issue arises when a service running inside a sandboxed iframe bypasses the browser’s sandbox attributes, enabling forced redirections from a third‑party context without user interaction. A...
Opera becomes part of the CNA program
News Opera becomes part of the CNA program Share December 13th, 2019 Usually, Friday the 13th is considered to be an unlucky day. However, this is not the case for Opera, as we have great news, especially for security researchers and all security-minded Opera fans. We are proud to announce that...
Bypass a restriction in OfA 54 – Opera Security Advisories
Opera for Android before 54.0.2669.49432 is vulnerable to a sandboxed cross-origin iframe bypass attack. By using a service working inside a sandboxed iframe it is possible to bypass the normal sandboxing attributes. This allows an attacker to make forced redirections without any user interaction...
openSUSE Security Update : opera (openSUSE-2019-2107)
This update for opera fixes the following issues : Opera was updated to version 63.0.3368.66 : - CHR-7525 Update chromium on desktop-stable-76-3368 to 76.0.3809.132 - DNA-74031 Download indicator doesnt match progress - DNA-77042 Something went wrong message in crypto wallet in private window -...
OPENSUSE-SU-2019:2664-1 Security update for opera
This update for opera fixes the following issues: Opera was updated to version 65.0.3467.62 - CHR-7658 Update chromium on desktop-stable-78-3467 to 78.0.3904.108 - DNA-81387 Remove support for old bundle structure in signing scripts - DNA-81675 Update widevine signature localisation in signed...
Security update for opera (important)
openSUSE Security Update: Security update for opera Announcement ID: openSUSE-SU-2019:2664-1 Rating: important References: Cross-References: CVE-2019-13720 CVE-2019-13721 Affected Products: openSUSE Leap 15.1:NonFree An update that fixes two vulnerabilities is now available. Description: This...
openSUSE Security Update : opera (openSUSE-2019-2664)
This update for opera fixes the following issues : Opera was updated to version 65.0.3467.62 - CHR-7658 Update chromium on desktop-stable-78-3467 to 78.0.3904.108 - DNA-81387 Remove support for old bundle structure in signing scripts - DNA-81675 Update widevine signature localisation in signed...
KLA11717 Multiple vulnerabilities in Opera
Multiple vulnerabilities were found in Opera. Malicious users can exploit these vulnerabilities to execute arbitrary code. Below is a complete list of vulnerabilities: 1. Use after free vulnerability in Bluetooth component can be exploited remotely via specially designed webpage to execute...
KLA11716 Multiple vulnerabilities in Opera
Multiple vulnerabilities were found in Opera. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service. Below is a complete list of vulnerabilities: 1. Use after free in audio Chrome component can be exploited remotely via specially designed website to...
KLA11715 Use after free vulnerability in Opera
Use after free vulnerability was found in Opera. Malicious users can exploit this vulnerability to execute arbitrary code, cause denial of service. Original advisories Chengelog for Opera 65 Stable Channel Update for Desktop Exploitation Malware exists for this vulnerability. Usually such malware...
KLA11714 Multiple vulnerabilities in Opera
Multiple vulnerabilities were found in Opera Malicious users can exploit these vulnerabilities to execute arbitrary code, spoof user interface, cause denial of service. Below is a complete list of vulnerabilities: 1. Cross-origin data leak vulnerability can be exploited to arbitrary code executio...
CVE-2019-18624
Opera Mini for Android allows attackers to bypass intended restrictions on .apk file download/installation via an RTLO aka Right to Left Override approach, as demonstrated by misinterpretation of malicious%E2%80%AEtxt.apk as maliciouskpa.txt. This affects 44.1.2254.142553, 44.1.2254.142659, and...
CVE-2019-18624
Opera Mini for Android allows attackers to bypass intended restrictions on .apk file download/installation via an RTLO aka Right to Left Override approach, as demonstrated by misinterpretation of malicious%E2%80%AEtxt.apk as maliciouskpa.txt. This affects 44.1.2254.142553, 44.1.2254.142659, and...
Design/Logic Flaw
Opera Mini for Android allows attackers to bypass intended restrictions on .apk file download/installation via an RTLO aka Right to Left Override approach, as demonstrated by misinterpretation of malicious%E2%80%AEtxt.apk as maliciouskpa.txt. This affects 44.1.2254.142553, 44.1.2254.142659, and...
CVE-2019-18624
Opera Mini for Android allows attackers to bypass intended restrictions on .apk file download/installation via an RTLO aka Right to Left Override approach, as demonstrated by misinterpretation of malicious%E2%80%AEtxt.apk as maliciouskpa.txt. This affects 44.1.2254.142553, 44.1.2254.142659, and...
CVE-2019-18624
Opera Mini for Android is affected by a vulnerability where an RTLO (Right to Left Override) encoding trick allows bypassing restrictions on .apk downloads/installs. Reported as CVE-2019-18624, it impacts versions 44.1.2254.142553, 44.1.2254.142659, and 44.1.2254.143214. The root cause is misinte...
KLA11713 Multiple vulnerabilities in Opera
Multiple vulnerabilities were found in Opera. Malicious users can exploit these vulnerabilities to execute arbitrary code. Below is a complete list of vulnerabilities: 1. Use-after-free vulnerability in V8 can be exploited to execute arbitrary code; 2. Cross-origin size leak vulnerability in...
KLA11742 Multiple vulnerabilities in Opera
Multiple vulnerabilities were found in Opera. Malicious users can exploit these vulnerabilities to cause denial of service. Below is a complete list of vulnerabilities: 1. Use after free vulnerability in Blink can be exploited remotely via special crafted webpage to potentially cause denial of...