Lucene search
K
OperaMost viewed

391 matches found

Opera Security Advisories
Opera Security Advisories
added 2011/01/25 12:0 a.m.10 views

Web pages can gain limited access to files on the user’s computer – Opera Security Advisories

Web pages can gain limited access to files on the user’s computer – Opera Security Advisories OPCOM Team | January 25, 2011 Severity High Description Certain types of HTTP responses and redirections can cause Opera to mistakenly give elevated privileges to remote web pages. These pages can then u...

5.9AI score
Exploits0References1
Opera Security Advisories
Opera Security Advisories
added 2010/10/06 12:0 a.m.10 views

Cross-domain checks may be bypassed, allowing limited data theft using CSS – Opera Security Advisories

Cross-domain checks may be bypassed, allowing limited data theft using CSS – Opera Security Advisories OPCOM Team | October 6, 2010 Severity Moderate Description CSS can be loaded cross-domain. In some cases, files that do not contain CSS may be partially interpreted as CSS. It is possible to mak...

5.7AI score
Exploits0References1
Opera Security Advisories
Opera Security Advisories
added 2010/09/08 12:0 a.m.10 views

Malicious DLL files can be unintentionally loaded and allowed to run arbitrary code – Opera Security Advisories

Malicious DLL files can be unintentionally loaded and allowed to run arbitrary code – Opera Security Advisories OPCOM Team | September 8, 2010 Severity High Description Opera uses dynamic link libraries DLLs of its own, and several provided by the host operating system or plug-ins. In some cases,...

6.3AI score
Exploits0References1
Opera Security Advisories
Opera Security Advisories
added 2010/08/12 12:0 a.m.10 views

News feed preview can subscribe to feeds without interaction – Opera Security Advisories

News feed preview can subscribe to feeds without interaction – Opera Security Advisories OPCOM Team | August 12, 2010 Severity Low Description When Opera is previewing a news feed, certain types of content do not have their scripts removed correctly. These scripts are able to subscribe the user t...

5.8AI score
Exploits0References1
Opera Security Advisories
Opera Security Advisories
added 2010/08/12 12:0 a.m.10 views

Heap buffer overflow in HTML5 canvas can be used to execute arbitrary code – Opera Security Advisories

Heap buffer overflow in HTML5 canvas can be used to execute arbitrary code – Opera Security Advisories OPCOM Team | August 12, 2010 Severity High Description Performing some painting operations on a canvas while certain transformations are being applied in Opera may result in heap buffer overflow...

6.3AI score
Exploits0References1
Opera Security Advisories
Opera Security Advisories
added 2010/06/29 12:0 a.m.10 views

Double-clicking a link can unexpectedly run a program from the Internet – Opera Security Advisories

Double-clicking a link can unexpectedly run a program from the Internet – Opera Security Advisories OPCOM Team | June 29, 2010 Severity Moderately severe Description When a user clicks a link on a Web page that points to an executable file, Opera will show a download dialog to allow the user to...

5.8AI score
Exploits0References1
Opera Security Advisories
Opera Security Advisories
added 2010/06/29 12:0 a.m.10 views

TLS protocol vulnerable to Man In The Middle attack – Opera Security Advisories

TLS protocol vulnerable to Man In The Middle attack – Opera Security Advisories OPCOM Team | June 29, 2010 Summary A vulnerability has been discovered in all current versions of the SSL and TLS protocols, that may allow an attacker to inject data and instructions into the HTTPS connection and tri...

5.7AI score
Exploits0References1
Opera Security Advisories
Opera Security Advisories
added 2010/06/22 12:0 a.m.10 views

Data URIs can be used to allow cross-site scripting – Opera Security Advisories

Data URIs can be used to allow cross-site scripting – Opera Security Advisories OPCOM Team | June 22, 2010 Severity Highly severe Description Data URIs are allowed to run scripts that manipulate pages from the site that directly opened them. In some cases, the opening site is not correctly...

5.5AI score
Exploits0References1
Opera Security Advisories
Opera Security Advisories
added 2010/06/19 12:0 a.m.10 views

Opera may be used as a vector for a font issue in the underlying operating system

A flaw in the font handling on the Windows operating system has been fixed by Microsoft. On unpatched systems, Web fonts may be used to exploit this issue through Opera...

1.1AI score
Exploits0References1Affected Software1
Opera Security Advisories
Opera Security Advisories
added 2009/11/20 12:0 a.m.10 views

Error messages can leak onto unrelated sites – Opera Security Advisories

Scripting error messages are normally available only to the page that caused the error. In some cases, the error messages could be passed to other sites as the contents of unrelated variables, and may contain sensitive information. If those sites write the content into the page markup, this could...

5.7AI score
Exploits0References1
Opera Security Advisories
Opera Security Advisories
added 2009/08/29 12:0 a.m.10 views

Sites using revoked intermediate certificates might be shown as secure – Opera Security Advisories

Sites using revoked intermediate certificates might be shown as secure – Opera Security Advisories OPCOM Team | August 29, 2009 Summary Opera does not check the revocation status for intermediate certificates not served by the server. If the intermediate is revoked, this might not impact the...

5.6AI score
Exploits0References1
Opera Security Advisories
Opera Security Advisories
added 2009/02/13 12:0 a.m.10 views

TLS certificates can be used to execute arbitrary code – Opera Security Advisories

TLS certificates can be used to execute arbitrary code – Opera Security Advisories OPCOM Team | February 13, 2009 Severity Highly Severe Problem Description When connecting to a TLS-protected website, Opera parses the X.509 certificate. If a site uses a specially crafted Subject Alternative Name ...

6.1AI score
Exploits0References1
Opera Security Advisories
Opera Security Advisories
added 2008/12/16 12:0 a.m.10 views

Vulnerability in createSVGTransformFromMatrix (JavaScript, SVG) – Opera Security Advisories

Vulnerability in createSVGTransformFromMatrix JavaScript, SVG – Opera Security Advisories OPCOM Team | December 16, 2008 Summary A vulnerability in createSVGTransformFromMatrix ObjectTypecasting can crash Opera. Severity Moderate Problem description Passing an incorrect object to...

6.1AI score
Exploits0References1
Opera Security Advisories
Opera Security Advisories
added 2008/12/16 12:0 a.m.10 views

History Search can be used to execute arbitrary code – Opera Security Advisories

History Search can be used to execute arbitrary code – Opera Security Advisories OPCOM Team | December 16, 2008 Severity Extremely Severe Problem Description When certain parameters are passed to Opera’s History Search, they can cause content not to be correctly sanitized. This can allow scripts ...

6.1AI score
Exploits0References1
Opera Security Advisories
Opera Security Advisories
added 2008/12/16 12:0 a.m.10 views

Sites can change framed content on other sites – Opera Security Advisories

Sites can change framed content on other sites – Opera Security Advisories OPCOM Team | December 16, 2008 Severity Highly Severe Problem Description Scripts are able to change the addresses of framed pages that come from the same site. Due to a flaw in the way that Opera checks what frames can be...

5.7AI score
Exploits0References1
Opera Security Advisories
Opera Security Advisories
added 2008/12/16 12:0 a.m.10 views

Startup crash can allow execution of arbitrary code – Opera Security Advisories

Startup crash can allow execution of arbitrary code – Opera Security Advisories OPCOM Team | December 16, 2008 Severity Extremely Severe Problem Description When Opera is registered as a handler for a given protocol, it can be started by external applications. In some cases, being started in this...

6.1AI score
Exploits0References1
Opera Security Advisories
Opera Security Advisories
added 2008/12/16 12:0 a.m.10 views

Registering Opera as a protocol handler can allow it to be used to execute arbitrary code – Opera Security Advisories

Registering Opera as a protocol handler can allow it to be used to execute arbitrary code – Opera Security Advisories OPCOM Team | December 16, 2008 Severity Extremely Severe Problem Description When an application attempts to access a URL that uses a protocol that it does not understand, it may...

6.1AI score
Exploits0References1
Opera Security Advisories
Opera Security Advisories
added 2008/12/16 12:0 a.m.10 views

canvas functions can reveal data from random places in memory – Opera Security Advisories

canvas functions can reveal data from random places in memory – Opera Security Advisories OPCOM Team | December 16, 2008 Severity Moderately severe Problem description There is a flaw in the way that certain canvas functions are handled, that can cause the canvas to be painted with very small...

5.7AI score
Exploits0References1
Opera Security Advisories
Opera Security Advisories
added 2008/12/16 12:0 a.m.10 views

Newsfeed prompt can cause Opera to execute arbitrary code – Opera Security Advisories

Newsfeed prompt can cause Opera to execute arbitrary code – Opera Security Advisories OPCOM Team | December 16, 2008 Severity Highly Severe Problem Description When Opera encounters a newsfeed source on a Web page, it prompts to add the source as a newsfeed. A script can manipulate the feed sourc...

6.2AI score
Exploits0References1
Opera Security Advisories
Opera Security Advisories
added 2008/12/15 12:0 a.m.10 views

Long hostnames in file: URLs can cause execution of arbitrary code

Exceptionally long host names in file: URLs can cause a buffer overflow, which may be exploited to execute arbitrary code. Remote Web pages cannot refer to file: URLs, so successful exploitation involves tricking users into manually opening the exploit URL, or a local file that refers to it...

2.2AI score
Exploits0Affected Software1
Opera Security Advisories
Opera Security Advisories
added 2008/12/15 12:0 a.m.10 views

Manipulating text input contents can allow execution of arbitrary code – Opera Security Advisories

Manipulating text input contents can allow execution of arbitrary code – Opera Security Advisories OPCOM Team | December 15, 2008 Severity Extremely Severe Problem Description Manipulating certain text-area contents can cause a buffer overflow, which may be exploited to execute arbitrary code...

6.4AI score
Exploits0References1
Opera Security Advisories
Opera Security Advisories
added 2008/12/15 12:0 a.m.10 views

Built-in XSLT templates can allow cross-site scripting – Opera Security Advisories

Built-in XSLT templates can allow cross-site scripting – Opera Security Advisories OPCOM Team | December 15, 2008 Severity Highly Severe Problem Description Built-in XSLT templates incorrectly handle escaped content and can cause it to be treated as markup. If a site accepts content from untruste...

5.5AI score
Exploits0References1
Opera Security Advisories
Opera Security Advisories
added 2007/10/18 12:0 a.m.10 views

Opera security upgrade for Mac OS X – Opera Security Advisories

Opera security upgrade for Mac OS X – Opera Security Advisories OPCOM Team | October 18, 2007 Opera security upgrade for Mac OS X. Severity: Highly Severe Affected Versions Mac OS X system with the Opera Web browser and the Adobe Flash Player 9.0.47.0 and earlier installed. Problem Description...

10CVSS5.7AI score0.09081EPSS
Exploits0References1
Opera Security Advisories
Opera Security Advisories
added 2006/02/17 12:0 a.m.10 views

The link tooltip and the statusbar can be misleading – Opera Security Advisories

The link tooltip and the statusbar can be misleading – Opera Security Advisories OPCOM Team | February 17, 2006 Summary Opera’s status bar shows the “title” attribute of a form inputimage, not the form’s “action” URL. This may mislead the user. Severity: Very low Problem description It is possibl...

5.8AI score
Exploits0References1
Opera Security Advisories
Opera Security Advisories
added 2005/12/19 12:0 a.m.10 views

Double-clicking a link can run a program from the Internet – Opera Security Advisories

Double-clicking a link can run a program from the Internet – Opera Security Advisories OPCOM Team | December 19, 2005 Summary If a user double-clicks a Web link leading to a program,that program can be run. The second click may go intothe “Open” button of the file download dialog. Severity:...

5.8AI score
Exploits0References1
Opera Security Advisories
Opera Security Advisories
added 2005/12/12 12:0 a.m.10 views

A very long title in a web page can cause a crash on startup – Opera Security Advisories

A very long title in a web page can cause a crash on startup – Opera Security Advisories OPCOM Team | December 12, 2005 Summary A web page with an extremely long attribute can causeOpera to crash when certain conditions are met. It affectsWindows users with Input Method Editor IME installed...

5.8AI score
Exploits0References1
Opera Security Advisories
Opera Security Advisories
added 2005/11/23 12:0 a.m.10 views

Opera may execute command line embedded in URLs – Opera Security Advisories

Opera may execute command line embedded in URLs – Opera Security Advisories OPCOM Team | November 23, 2005 Summary Opera will execute command lines embedded in the URL when anotherprogram uses Opera to open a link. This affects UNIX versions ofOpera Linux/FreeBSD/Solaris. Severity: High Problem...

6AI score
Exploits0References1
Opera Security Advisories
Opera Security Advisories
added 2005/11/23 12:0 a.m.10 views

Combinations of right-to-left text and negative margins can crash Opera – Opera Security Advisories

Combinations of right-to-left text and negative margins can crash Opera – Opera Security Advisories OPCOM Team | November 23, 2005 Summary Combinations of right-to-left text and negative marginsin HTML code can crash Opera. Severity: Not a security issue. Problem description Right-to-left scripts...

6AI score
Exploits0References1
Opera Security Advisories
Opera Security Advisories
added 2025/10/21 12:0 a.m.9 views

Protected with Opera Neon: Understanding agentic browser security

Security Protected with Opera Neon: Understanding agentic browser security Share October 21st, 2025 Hi Opera users, If you were hanging out around these parts in the past few weeks, you might have noticed that we launched Opera Neon – an AI agentic browser that can browse with you or for you, tak...

8.8CVSS7.2AI score0.01654EPSS
Exploits4References1
Opera Security Advisories
Opera Security Advisories
added 2025/07/01 12:0 a.m.9 views

VPNs explained: How a VPN helps keep your online life private

Privacy, Security VPNs explained: How a VPN helps keep your online life private Share July 1st, 2025 Today, we spend more than half our lives online. So it’s only natural that we worry a lot more about online safety and privacy. VPNs are just one of the tools many internet users already rely on t...

8.8CVSS7.3AI score0.01654EPSS
Exploits4References1
Opera Security Advisories
Opera Security Advisories
added 2025/06/05 12:0 a.m.9 views

Update your browser: Security fixes for latest Chrome zero-day

News, Security Update your browser: Security fixes for latest Chrome zero-day Share June 5th, 2025 Hi everyone! The latest patches to the Opera, Opera GX, Opera Air, and Opera for Android address several recent vulnerabilities, including a zero-day exploit CVE-2025-5419. We recommend updating you...

8.8CVSS7.3AI score0.0645EPSS
Exploits7References1
Opera Security Advisories
Opera Security Advisories
added 2024/08/23 12:0 a.m.9 views

Update your browser: Security fixes for latest Chrome zero-day

News, Security Update your browser: Security fixes for latest Chrome zero-day Share August 23rd, 2024 Hi everyone! The latest patches to the Opera and Opera GX address several recent vulnerabilities, including a zero-day exploit CVE-2024-7971. We recommend updating your browsers to the latest...

9.6CVSS7.2AI score0.19272EPSS
Exploits6References1
Opera Security Advisories
Opera Security Advisories
added 2023/08/11 12:0 a.m.9 views

How your Opera browser keeps you safe from spyware and other cyber threats

Privacy, Security How your Opera browser keeps you safe from spyware and other cyber threats Share August 11th, 2023 Hi everyone! In our digital age, your online security is often under threat. From phishing scams to spyware and direct hacking attempts, your personal data is often in the crosshai...

8.8CVSS7.2AI score0.01654EPSS
Exploits4References1
Opera Security Advisories
Opera Security Advisories
added 2023/08/10 12:0 a.m.9 views

Update your browser: Security fixes for latest Chrome bugs

News, Security Update your browser: Security fixes for latest Chrome bugs Share August 10th, 2023 Hi everyone! Opera, Opera GX, and Opera Crypto Browser have received important updates addressing a number of vulnerabilities and bugs. Among those are the following important vulnerabilities detecte...

8.8CVSS7.2AI score0.24116EPSS
Exploits4References1
Opera Security Advisories
Opera Security Advisories
added 2023/02/09 12:0 a.m.9 views

Opera’s Security team at Barcelona Cybersecurity Congress 2023

Security Opera’s Security team at Barcelona Cybersecurity Congress 2023 Share February 9th, 2023 Hello readers! If you follow our Security team’s Twitter account it’s here, by the way!, you’ll have noticed we were busy last week meeting cybersecurity enthusiasts and professionals at this year’s...

8.8CVSS7.3AI score0.01654EPSS
Exploits4References1
Opera Security Advisories
Opera Security Advisories
added 2023/01/27 12:0 a.m.9 views

It’s Data Privacy Day: Here’s how to protect your data and become your own privacy champion

News, Security It’s Data Privacy Day: Here’s how to protect your data and become your own privacy champion Share January 27th, 2023 Hello readers! January 28 is Data Privacy Day – an annual celebration of all things data protection and online privacy! It’s an opportunity for businesses and users ...

8.8CVSS7.2AI score0.01654EPSS
Exploits4References1
Opera Security Advisories
Opera Security Advisories
added 2022/11/11 12:0 a.m.9 views

Safe Browsing now on Opera for Android

Security Safe Browsing now on Opera for Android Share November 11th, 2022 Hi Android users! We’re happy to share that Opera for Android 72 now features Safe Browsing to keep you even safer when browsing or shopping online on your Android device. Safe Browsing protects your online experience by...

8.8CVSS7.3AI score0.01654EPSS
Exploits4References1
Opera Security Advisories
Opera Security Advisories
added 2022/03/30 12:0 a.m.9 views

Opera’s Free Browser VPN Completes Independent Security Audit by Cure53

News Opera’s Free Browser VPN Completes Independent Security Audit by Cure53 Share March 30th, 2022 Today we’re happy to announce the completion of an independent security audit of Opera’s free built-in browser VPN. Opera’s free, no-log, built-in browser VPN was originally launched as part of the...

8.8CVSS7.3AI score0.01654EPSS
Exploits4References1
Opera Security Advisories
Opera Security Advisories
added 2021/05/21 12:0 a.m.9 views

Opera Browser for Android

Research Opera Browser for Android Share May 21st, 2021 In this episode of theOpera Bug Bounty series, we introduce Opera for Android, our main product for the Android platform. What is Opera for Android Opera for Android is a Chromium-based browser that prides itself on a user-friendly and good...

8.8CVSS7.4AI score0.01654EPSS
Exploits4References1
Opera Security Advisories
Opera Security Advisories
added 2020/12/04 12:0 a.m.9 views

Can a browser extension be cursed?

Privacy Can a browser extension be cursed? Share December 4th, 2020 Mallory tries to create a browser extension that will let him spy on Alice. TL;DR: skip to the conclusions to see what Alice learned. The Privacy Problem Mallory was quite tired of his failed attempts to melt Alice’s heart. She...

8.8CVSS7.4AI score0.01654EPSS
Exploits4References1
Opera Security Advisories
Opera Security Advisories
added 2020/11/20 12:0 a.m.9 views

What is the TLS padlock saying?

Security What is the TLS padlock saying? Share November 20th, 2020 Alice and Bob use TLS to keep their long distance relationship hot and private. TL;DR: skip to the conclusions to see what Alice learned. The Privacy Problem Alice and Bob had to turn their relationship into a long distance one...

8.8CVSS7.3AI score0.01654EPSS
Exploits4References1
Opera Security Advisories
Opera Security Advisories
added 2018/08/28 12:0 a.m.9 views

Flow is seamless and secure – security features explained

Security Flow is seamless and secure – security features explained Share August 28th, 2018 Some of you may already be familiar with Flow, the new feature that allows you to quickly and seamlessly share images, links and videos between your Opera browser for computers and your Opera Touch mobile...

8.8CVSS7.4AI score0.01654EPSS
Exploits4References1
Opera Security Advisories
Opera Security Advisories
added 2014/05/12 12:0 a.m.9 views

Possibly Tricking Users – The Perils of Drag n Drop Decadence

Security Possibly Tricking Users – The Perils of Drag n Drop Decadence Share May 12th, 2014 In the recent Opera 21 Stable release, we fixed a number of bugs relating to the address field. Normally, we would not want to give away too much about a security issue, as it would give a potential attack...

8.8CVSS7.2AI score0.01654EPSS
Exploits4References1
Opera Security Advisories
Opera Security Advisories
added 2014/03/13 12:0 a.m.9 views

Security changes in Opera 20 update

Security Security changes in Opera 20 update Share March 13th, 2014 We have just released a silent update of Opera 20, you would most likely not even have noticed. From a security perspective, we have made two interesting changes in this update. The first one regards what we call the badge, the...

8.8CVSS7AI score0.01654EPSS
Exploits4References1
Opera Security Advisories
Opera Security Advisories
added 2013/04/04 12:0 a.m.9 views

Cookies can be set for a top-level domain – Opera Security Advisories

Browsers should only allow cookies to be set for the website that created them. In some specific cases, Opera does not apply this restriction correctly, and allows a website to set a cookie for its entire top-level domain such as .com or .co.uk. A malicious site could then redirect the user to...

5.7AI score
Exploits0References1
Opera Security Advisories
Opera Security Advisories
added 2013/01/29 12:0 a.m.9 views

DOM events manipulation might be used to execute arbitrary code – Opera Security Advisories

DOM events manipulation might be used to execute arbitrary code – Opera Security Advisories OPCOM Team | January 29, 2013 Severity: High Description: Particular DOM event manipulations can cause Opera to crash. In some cases, this crash might occur in a way that allows execution of arbitrary code...

6.2AI score
Exploits0References1
Opera Security Advisories
Opera Security Advisories
added 2012/12/17 12:0 a.m.9 views

Private data can be disclosed to other computer users, or be modified by them – Opera Security Advisories

Private data such as cache, password files, and Opera’s configuration files are supposed to be visible only to the user who owns the Opera profile. Opera does not set the profile folder permissions correctly, allowing other computer users to read the sensitive contents of profile files. In some...

5.8AI score
Exploits0References1
Opera Security Advisories
Opera Security Advisories
added 2012/11/19 12:0 a.m.9 views

HTTP response heap buffer overflow can allow execution of arbitrary code – Opera Security Advisories

When requesting pages using HTTP, Opera temporarily stores the response in a buffer. In some cases, Opera may incorrectly allocate too little space for a buffer, and may then store too much of the response in that buffer. This causes a buffer overflow, which in turn can lead to a memory corruptio...

6.1AI score
Exploits0References1
Opera Security Advisories
Opera Security Advisories
added 2012/11/02 12:0 a.m.9 views

Certificate revocation service failure may cause Opera to show an unverified site as secure – Opera Security Advisories

When accessing secure websites, Opera checks with a number of services to check if the website’s security certificate has been revoked. Normally, if Opera cannot check revocation status, it will not present the site as secure. In some cases, a failure in one of these services can cause Opera not ...

5.7AI score
Exploits0References1
Opera Security Advisories
Opera Security Advisories
added 2012/08/01 12:0 a.m.9 views

Certain characters in HTML can incorrectly be ignored, which can facilitate XSS attacks – Opera Security Advisories

Sites that allow content to be provided by untrusted users, such as forums and blogging sites, typically sanitize the untrusted content to ensure that it does not contain any harmful content, such as malicious scripts. When certain characters appear at specific locations within HTML markup, they...

5.6AI score
Exploits0References1
Total number of security vulnerabilities391