391 matches found
Insecure pages can show incorrect security information
When insecure pages load content from secure sites into a frame, they can cause Opera to incorrectly report the insecure site as being secure. The padlock icon will incorrectly be shown, and the security information dialog will state that the connection is secure, but without any certificate...
A JPEG image with a malformed header can crash Opera
A specially crafted DHT marker in the JPEG file header can causea heap overflow. The malformed image alone will only cause a crash. To exploitthe flaw, the computer's memory must first be filled up withcode of the attacker's choice. This is not trivial to do reliably,so attempted attacks will oft...
Opera’s HTTP authentication cuts off long server names at the end – Opera Security Advisories
Opera’s HTTP authentication cuts off long server names at the end – Opera Security Advisories OPCOM Team | July 19, 2007 Summary Opera’s HTTP authentication dialog cuts off long server name at the right hand end. Severity: Less severe Problem description Opera’s HTTP authentication dialog is...
Address bar spoofing in Opera Touch for iOS – Opera Security Advisories
Opera Touch for iOS before version 2.4.5 is vulnerable to an address bar spoofing attack. The vulnerability allows a malicious page to trick the browser into showing an address of a different page. This may allow the malicious page to impersonate another page and trick a user into providing...
Reloads and redirects can allow spoofing and cross site scripting
Scripts on a page are supposed to be restricted so that they can only interact with other pages from the same domain and security context. Carefully timed reloads and redirects, when combined with appropriate caching, can cause scripts to execute in the wrong security context in Opera. This allow...
Double-clicking a link can unexpectedly run a program from the Internet
When a user clicks a link on a Web page that points to an executable file, Opera will show a download dialog to allow the user to download it. The dialog will allow the user to choose to run the executable directly. If the user accidentally double clicks, the second click will activate whatever i...
TLS protocol vulnerable to Man In The Middle attack
A vulnerability has been discovered in all current versions of the SSL and TLS protocols, that may allow an attacker to inject data and instructions into the HTTPS connection and trick the server to believe the date and instructions came from the client.The attacker accomplishes this by first...
Pages can trick users into uploading files
On some Linux or Unix installations, Opera would pass a dropped file to a file input, making it possible for a page to trick users to upload files without the user's knowledge...
Adress bar is not always updated correctly when collapsed
The collapsed Address bar can in some cases temporarily show the previous domain instead of the domain of the present site...
Very large link addresses can cause Opera to crash
An extremely long link address can cause Opera to crash.A specially crafted long link could cause malicious codeto be run on the user's computer...
A very long title in a web page can cause a crash on startup
If a Windows user with Input Method Editor IME installedbookmarks a page with an extremely long element,Opera will crash upon next startup. Opera will not recoverfrom this on its own, so the user will not be able to startOpera.This affects Japanese users and others using IME for textinput. It als...
Why browsing with Opera’s VPN is safer
Security Why browsing with Opera’s VPN is safer Share May 29th, 2026 A virtual private network VPN is a great way to protect yourself online, especially on public hotspots. Opera is the first major browser to have a built-in, no-log, unlimited browser VPN that is completely free. So how can you...
Where to find Opera’s Privacy and Security team online
Security Where to find Opera’s Privacy and Security team online Share September 27th, 2023 Hello everyone! Through this blog, we strive to offer timely updates and important information about Opera and our products. This helps us maintain an open line of communication with our users, particularly...
Cross-site Scripting in OfA – Opera Security Advisories
URLs using “javascript:” have the protocol removed when pasted into the address bar to protect users from cross-site scripting XSS attacks, but in certain circumstances this removal was not performed. This could allow users to be socially engineered to run an XSS attack against themselves. This...
Widget properties exposed to third party domains
In some cases, widget properties could be exposed to third party domains, leading to the possibility of leak of widget information, or configuration options for the widget...
HTTP Content-Length header can be used to execute arbitrary code
Large values in the HTTP Content-Length header can cause Opera to crash. Certain specific values can cause a memory corruption, which in some cases can allow arbitrary code to be injected and executed. In most cases Opera will just crash. To inject code, additional techniques will have to be...
Error messages can leak onto unrelated sites
Scripting error messages are normally available only to the page that caused the error. In some cases, the error messages could be passed to other sites as the contents of unrelated variables, and may contain sensitive information. If those sites write the content into the page markup, this could...
Resized canvas patterns can cause Opera to execute arbitrary code – Opera Security Advisories
Resized canvas patterns can cause Opera to execute arbitrary code – Opera Security Advisories OPCOM Team | December 16, 2008 Severity Moderately Severe Problem Description HTML CANVAS elements can use scaled images as patterns. With suitable scaling manipulation of the image, a script can cause...
Scripts can overwrite functions on pages from other domains
When accesing frames from different Web sites, specially crafted scripts can bypass the same-origin policy, and overwrite functions from those frames. If scripts on the page then run those functions, this can cause the script of the attacker's choice to run in the context of the target Web site...
How we keep Opera users and products safe: Inside the role of Head of Security
Security How we keep Opera users and products safe: Inside the role of Head of Security Share May 8th, 2026 We usually think of security only when something goes wrong – whether it’s a suspicious login we noticed, a strange pop-up we got while browsing, or a headline we read about a data breach...
Update your browser: Security fix for Chrome zero-days CVE 2026-3909 & CVE-2026-3910
News, Security Update your browser: Security fix for Chrome zero-days CVE 2026-3909 & CVE-2026-3910 Share March 14th, 2026 Hi everyone! The latest patches to Opera’s browsers address several recent vulnerabilities, including two zero-day exploits CVE 2026-3909 and CVE-2026-3910. We recommend...
Update your browser: Security fix for Chrome zero-day CVE-2026-2441
News, Security Update your browser: Security fix for Chrome zero-day CVE-2026-2441 Share February 16th, 2026 Hi everyone! The latest patches to Opera, Opera GX, Opera Air, Opera Neon, and Opera for Android address several recent vulnerabilities, including a zero-day exploit CVE-2026-2441. We...
Fuzzing HTTP Proxies: Privoxy, Part 1
Research Fuzzing HTTP Proxies: Privoxy, Part 1 Share May 17th, 2021 Here at Opera, we’re always looking for ways to improve the browsing experience of our users with speed and usability. Perhaps more importantly though, we also look for ways to improve users’ privacy and security. While we...
Private video streams can be intercepted
Video content may be used as filler content for a HTML5 canvas, if the video format is natively supported by Opera. If the video and page are from the same site, the content of the canvas can be safely read out by scripts. In some cases, Opera does not check the video's origin correctly, and may...
History Search can be used to execute arbitrary code
When certain parameters are passed to Opera's History Search, they can cause content not to be correctly sanitized. This can allow scripts to be injected into the History Search results page. Such scripts can then run with elevated privileges and interact with Opera's configuration, allowing them...
Specially crafted addresses can execute arbitrary code
If a malicious page redirects Opera to a specially crafted address URL, it can cause Opera to crash. Given sufficient address content, the crash could cause execution of code controlled by the attacking page...
Malformed bitmaps can reveal old data from random places in memory
Specially malformed bitmap images can cause Opera to render the image using a palette made up from uninitialized memory. Using canvas, the pattern can be read and analyzed by JavaScript, so an attacker can get random samples of the user's memory, which may contain data...
A malicious torrent can cause Opera to execute arbitrary code
Removing a specially crafted torrent from the download managercan crash Opera. The crash is caused by an erroneous memoryaccess.An attacker needs to entice the user to accept the maliciousBitTorrent download, and later remove it from Opera's downloadmanager. To inject code, additional means will...
Opera may execute command line embedded in URLs
Opera for UNIX uses a wrapper shell script to start up Opera.This shell script reads the input arguments, like the file namesor URLs that Opera is to open. It also performs some environmentchecks, for example whether Java is available and if so, where itis located.This wrapper script can also run...
Fuzzing HTTP Proxies: Privoxy, Part 3
Research Fuzzing HTTP Proxies: Privoxy, Part 3 Share January 4th, 2022 One of my earlier posts outlined how I had discovered six security vulnerabilities in the Privoxy software using the technique of fuzzing to cause the software to crash. This post outlines how I discovered three more...
Unexpected changes in tab focus can be used to run programs from the Internet
Tabs may be used to obscure a download dialog that is visible in another tab. The dialog will allow the user to choose to run downloaded executables directly. If the tab is closed or hidden at the moment that a user was about to click, they can end up clicking on the buttons in the dialog, causin...
File inputs can disclose the path to selected files
When a file is selected in a file upload input, the path to that file is not exposed through the input's value property. This is done to protect any sensitive information which may be contained in the directory names. When manipulated by DOM this information should also not be exposed. Certain DO...
XSLT can be used to retrieve random contents of unrelated documents – Opera Security Advisories
XSLT can be used to retrieve random contents of unrelated documents – Opera Security Advisories OPCOM Team | March 18, 2010 Affected versions This vulnerability affects Opera 10.50. Severity Highly severe Description XSLT is normally subject to strict controls, preventing documents from separate...
Specially crafted JPEG images can be used to execute arbitrary code
Specially crafted JPEG images can cause Opera to corrupt memory and crash. Successful exploitation can lead to execution of arbitrary code...
Certain characters can be used to allow cross-site scripting
When accepting HTML content from untrusted users, Web sites sometimes employ some kind of filtering to ensure that the content cannot contain scripts. If the content is to be used inside an HTML attribute, characters that separate attributes need to be filtered out to prevent scripted attributes...
Fast Forward can allow cross-site scripting – Opera Security Advisories
Fast Forward can allow cross-site scripting – Opera Security Advisories OPCOM Team | December 16, 2008 Severity Highly Severe Platforms All desktop versions Problem Description If a link that uses a JavaScript URL triggers Opera’s Fast Forward feature, when the user activates Fast Forward, the...
Long hostnames in file: URLs can cause execution of arbitrary code – Opera Security Advisories
Long hostnames in file: URLs can cause execution of arbitrary code – Opera Security Advisories OPCOM Team | December 15, 2008 Severity Highly Severe Problem Description Exceptionally long host names in file: URLs can cause a buffer overflow, which may be exploited to execute arbitrary code. Remot...
a specially crafted JavaScript can make Opera execute arbitrary code – Opera Security Advisories
a specially crafted JavaScript can make Opera execute arbitrary code – Opera Security Advisories OPCOM Team | August 7, 2007 A specially crafted JavaScript can make Opera execute arbitrary code. Severity: Highly severe Problem description A virtual function call on an invalid pointer that may...
Double-clicking a link can run a program from the Internet
Links in Web pages only require a single click. When a userdouble-clicks on a Web link, that action is taken as twoseparate clicks: One to follow the link, and the other toany dialog that might appear where the link was.A specially crafted page can place the link so that the"Open" button in the...
Update your browser: Security fix for Chrome zero-day CVE-2025-10585
News, Security Update your browser: Security fix for Chrome zero-day CVE-2025-10585 Share September 18th, 2025 Hi everyone! The latest patches to Opera, Opera GX, Opera Air, and Opera for Android address several recent vulnerabilities, including a zero-day exploit CVE-2025-10585. We recommend...
Update your browser: Security updates address vulnerabilities including latest Chrome bugs
News, Security Update your browser: Security updates address vulnerabilities including latest Chrome bugs Share June 15th, 2023 Hi everyone! The Opera browser, Opera GX and Opera Crypto Browser have just received important updates addressing a number of vulnerabilities and bugs. Among those are t...
Data URIs can be used to facilitate Cross-Site Scripting – Opera Security Advisories
Data URIs are only supposed to inherit the scripting origin from the site that creates them, such as by including them as the target of a link or an inline frame in the source of the document. Specific sequences of document and data URI loading can cause Opera to forget which document created the...
*.com accepted as wildcard match in SSL/TLS name matching
Certificate authorities are expected to vet all certificate registrations, but may fail to prevent fraudulent or erroneous registrations. Certificates which use a wild card immediately before the top level domain, or nulls in the domain name, may pass validation checks in Opera. Sites using such...
Opera security upgrade for Linux, Solaris and FreeBSD
A security issue in the Adobe Flash Player running in Opera on Linux, Solaris or FreeBSD has been found. Details about the vulnerability will be disclosed at a later date...
Resized canvas patterns can cause Opera to execute arbitrary code
HTML CANVAS elements can use scaled images as patterns. With suitable scaling manipulation of the image, a script can cause Opera to crash. This crash can sometimes cause memory corruption. To inject code, additional techniques will have to be employed...
Newsfeed prompt can cause Opera to execute arbitrary code
When Opera encounters a newsfeed source on a Web page, it prompts to add the source as a newsfeed. A script can manipulate the feed source in a way that can cause Opera to crash. The crash is caused by an erroneous memory access. To inject code, additional techniques will have to be employed...
The links panel can allow cross-site scripting
The links panel shows links in all frames on the current page, including links with JavaScript URLs. When a page is held in a frame, the script is incorrectly executed on the outermost page, not the page where the URL was located. This can be used to execute scripts in the context of an unrelated...
Specially crafted addresses can execute arbitrary code – Opera Security Advisories
Specially crafted addresses can execute arbitrary code – Opera Security Advisories OPCOM Team | December 16, 2008 Severity Extremely Severe Problem Description If a malicious page redirects Opera to a specially crafted address URL, it can cause Opera to crash. Given sufficient address content, th...
Rich editing allows cross domain scripting – Opera Security Advisories
Rich editing allows cross domain scripting – Opera Security Advisories OPCOM Team | December 16, 2008 Problem Description Rich editing using designMode allows page contents to be edited. Pages can use this ability to inject scripts into pages from other domains. This allows cross domain scripting...
HTML parsing flaw can cause Opera to execute arbitrary code – Opera Security Advisories
HTML parsing flaw can cause Opera to execute arbitrary code – Opera Security Advisories OPCOM Team | December 15, 2008 Severity Extremely Severe Problem Description Certain HTML constructs can cause the resulting DOM to change unexpectedly, which triggers a crash. To inject code, additional...