Lucene search
K
OperaMost viewed

391 matches found

Opera Security Advisories
Opera Security Advisories
added 2010/12/14 12:0 a.m.8 views

Web page content can display misleading security information – Opera Security Advisories

Dialogs such as the security information dialog and download dialog are displayed over the top of the webpage content. In some cases, webpage content will be incorrectly displayed on top of the dialogs, or over parts of the dialogs. This content can then display misleading security information,...

5.7AI score
Exploits0References1
Opera Security Advisories
Opera Security Advisories
added 2010/10/06 12:0 a.m.8 views

Manipulating the window can be used to spoof the page address – Opera Security Advisories

Manipulating the window can be used to spoof the page address – Opera Security Advisories OPCOM Team | October 6, 2010 Severity Low Description Web page scripts can be used to alter the size of the browser window. In some cases, this manipulation can cause the wrong part of the Web page address t...

5.6AI score
Exploits0References1
Opera Security Advisories
Opera Security Advisories
added 2008/12/16 12:0 a.m.8 views

A JPEG image with a malformed header can crash Opera – Opera Security Advisories

A JPEG image with a malformed header can crash Opera – Opera Security Advisories OPCOM Team | December 16, 2008 Summary A JPEG image with a malformed header can crash Opera, and causearbitrary code to be run. Severity Moderate Problem description A specially crafted DHT marker in the JPEG file...

5.8AI score
Exploits0References1
Opera Security Advisories
Opera Security Advisories
added 2008/12/16 12:0 a.m.8 views

Custom shortcuts can pass the wrong parameters to applications – Opera Security Advisories

Custom shortcuts can pass the wrong parameters to applications – Opera Security Advisories OPCOM Team | December 16, 2008 Severity Moderately Severe Problem Description Custom shortcut and menu commands can be used to activate external applications. In some cases, the parameters passed to these...

6AI score
Exploits0References1
Opera Security Advisories
Opera Security Advisories
added 2008/12/16 12:0 a.m.8 views

Feed links can link to local files – Opera Security Advisories

Feed links can link to local files – Opera Security Advisories OPCOM Team | December 16, 2008 Severity Less Severe Problem Description As a security precaution, Opera does not allow Web pages to link to files on the user’s local disk. However, a flaw exists that allows Web pages to link to feed...

5.6AI score
Exploits0References1
Opera Security Advisories
Opera Security Advisories
added 2008/12/16 12:0 a.m.8 views

Insecure pages can show incorrect security information – Opera Security Advisories

Insecure pages can show incorrect security information – Opera Security Advisories OPCOM Team | December 16, 2008 Severity Less Severe Problem Description When insecure pages load content from secure sites into a frame, they can cause Opera to incorrectly report the insecure site as being secure...

5.7AI score
Exploits0References1
Opera Security Advisories
Opera Security Advisories
added 2008/12/16 12:0 a.m.8 views

Character Encoding Inheritance in iframes Can Enable Cross-Site Scripting – Opera Security Advisories

Character Encoding Inheritance in iframes Can Enable Cross-Site Scripting – Opera Security Advisories OPCOM Team | December 16, 2008 Severity Moderate Problem description Pages displayed inside an iframe will inherit the character encodingof the parent page, unless they specify their own characte...

5.6AI score
Exploits0References1
Opera Security Advisories
Opera Security Advisories
added 2007/07/19 12:0 a.m.8 views

The createPattern function can reveal old data from random places in memory – Opera Security Advisories

The createPattern function can reveal old data from random places in memory – Opera Security Advisories OPCOM Team | July 19, 2007 Summary The createPattern function can reveal old data from random places in memory Severity: moderately severe Problem description Opera for Linux, FreeBSD, and...

5.8AI score
Exploits0References1
Opera Security Advisories
Opera Security Advisories
added 2007/02/09 12:0 a.m.8 views

Vulnerability in Opera’s use of kfmclient – Opera Security Advisories

Vulnerability in Opera’s use of kfmclient – Opera Security Advisories OPCOM Team | February 9, 2007 Severity: Moderate Since version 7.50, Opera for Linux has offered theuser a new way to open files which Opera can not openitself: “Open with kfmclient”. This feature can beexploited to run malicio...

6AI score
Exploits0References1
Opera Security Advisories
Opera Security Advisories
added 2007/02/09 12:0 a.m.8 views

Opera not vulnerable to JPEG processing vulnerability in Microsoft’s GDI+ library – Opera Security Advisories

Opera not vulnerable to JPEG processing vulnerability in Microsoft’s GDI+ library – Opera Security Advisories OPCOM Team | February 9, 2007 Opera is not vulnerable to the JPEG processing vulnerability in Microsoft’s GDI+ library. Details: Microsoft Security Bulletin MS04-028 Buffer Overrun in JPE...

5.8AI score
Exploits0References1
Opera Security Advisories
Opera Security Advisories
added 2005/11/23 12:0 a.m.8 views

Specially crafted Java applets can crash Opera – Opera Security Advisories

Specially crafted Java applets can crash Opera – Opera Security Advisories OPCOM Team | November 23, 2005 Summary A specially crafted Java applet can cause Opera to crash. Severity: Not exploitable Problem description Java code using LiveConnect methods to remove a property of aJavaScript object...

5.9AI score
Exploits0References1
Opera Security Advisories
Opera Security Advisories
added 2005/02/25 12:0 a.m.8 views

Internationalized domain names (IDN) can be used for spoofing. – Opera Security Advisories

Internationalized domain names IDN can be used for spoofing. – Opera Security Advisories OPCOM Team | February 25, 2005 Summary Opera supports internationalized domain names IDN, which allowsfor example Russian or Chinese domain names to be written in theirown native scripts. However, this also...

5.8AI score
Exploits0References1
Opera Security Advisories
Opera Security Advisories
added 2026/07/02 12:0 a.m.7 views

Here’s how Opera’s Paste Protect guards you natively against clipboard attacks

News, Security Here’s how Opera’s Paste Protect guards you natively against clipboard attacks Share July 2nd, 2026 At Opera, user security is a top priority. That’s why today, we are excited to announce that Opera is the first browser to introduce Paste Protect: a native defense measure against...

8.8CVSS7.5AI score0.01654EPSS
Exploits4References1
Opera Security Advisories
Opera Security Advisories
added 2021/10/01 12:0 a.m.7 views

Fuzzing HTTP Proxies: Squid, Part 2

Research Fuzzing HTTP Proxies: Squid, Part 2 Share October 1st, 2021 Security is important to us, here at Opera. That’s why, apart from making our browsers safer, we also want to make the Web a bit safer. One of those ways is helping other developers find and fix vulnerabilities in their products...

8.8CVSS7.6AI score0.95785EPSS
Exploits7References1
Opera Security Advisories
Opera Security Advisories
added 2021/01/07 12:0 a.m.7 views

Making browsing safe from phishing

Privacy, Security Making browsing safe from phishing Share January 7th, 2021 Mallory tries to create a phishing site to lure Alice into revealing her secrets. TL;DR: skip to the conclusions to see what Alice learned. The Privacy Problem In the previous episode, Mallory was thinking about...

8.8CVSS7.1AI score0.01654EPSS
Exploits4References1
Opera Security Advisories
Opera Security Advisories
added 2016/02/16 12:0 a.m.7 views

Opera 12 and Opera Mail security update

Security Opera 12 and Opera Mail security update Share February 16th, 2016 We realize that those of you on old operating systems like Windows XP SP1 and older are left without much choice beyond using our Presto-based browser. With security standards on the web changing so much we didn’t want to...

8.8CVSS7.7AI score0.01654EPSS
Exploits4References1
Opera Security Advisories
Opera Security Advisories
added 2015/10/29 12:0 a.m.7 views

Misissued certificates

Security Misissued certificates Share October 29th, 2015 Recently, Google found a google.com pre-certificate in a CT log, without having ordered one. This lead to a series of incidents, also involving Opera and its security team. The backstory Google promptly contacted Symantec who had issued the...

8.8CVSS7.2AI score0.01654EPSS
Exploits4References1
Opera Security Advisories
Opera Security Advisories
added 2015/02/25 12:0 a.m.7 views

Optimizing encrypted video

Security Optimizing encrypted video Share February 25th, 2015 You might have seen our press release that Opera’s Rocket Optimizer can now optimize encrypted video streams. The attentive reader will already have halted and said, “wait, what?”. In this blog post, we’ll explain how this works. Rocke...

8.8CVSS7.3AI score0.01654EPSS
Exploits4References1
Opera Security Advisories
Opera Security Advisories
added 2014/08/19 12:0 a.m.7 views

Security changes in Opera 23

News Security changes in Opera 23 Share August 19th, 2014 Opera 23 has been out on the stable channel for a while, and we have just released a few silent security updates as well. The first was a regular Opera security fix, the second was to take in a security patch in advance of the regular...

8.8CVSS7.3AI score0.01654EPSS
Exploits4References1
Opera Security Advisories
Opera Security Advisories
added 2013/10/31 12:0 a.m.7 views

New home for the Security Group blog

News New home for the Security Group blog Share October 31st, 2013 Welcome to the new home of the Opera Security Group. We have changed our blogging platform. For more more information regarding the switch, please see this post. If you received this blog post in your feed reader, you do not need ...

8.8CVSS7.3AI score0.01654EPSS
Exploits4References1
Opera Security Advisories
Opera Security Advisories
added 2013/01/29 12:0 a.m.7 views

TLS response timings can indicate network contents – Opera Security Advisories

When Opera receives incorrectly encrypted network data, Opera will detect this, and let the sender know that the data was not understood. Such encrypted error responses are marginally faster than regular responses. An attacker with access to the network, can by replacing network data measure...

5.8AI score
Exploits0References1
Opera Security Advisories
Opera Security Advisories
added 2012/12/20 12:0 a.m.7 views

Carefully timed redirects can allow cross site scripting – Opera Security Advisories

Scripts on a page are supposed to be restricted so that they can only interact with other pages from the same domain and security context. Carefully timed redirects can cause scripts to execute in the wrong security context in Opera. This allows cross site scripting XSS...

5.4AI score
Exploits0References1
Opera Security Advisories
Opera Security Advisories
added 2012/06/12 12:0 a.m.7 views

Pages can prevent navigation to a target page, spoofing the address field – Opera Security Advisories

When a user types a new URL for the browser to load, the currently active page may detect when the new page is about to load and prevent the navigation, while still leaving the new URL displayed in the address bar. This can then be used to spoof the URL of the target page. The malicious page woul...

5.8AI score
Exploits0References1
Opera Security Advisories
Opera Security Advisories
added 2012/03/26 12:0 a.m.7 views

Printing issue can allow data leaks to other system users, or allow them to corrupt data – Opera Security Advisories

When pages are printed by Opera, a temporary file is created, which contains the document to print. This document is not created with the correct permissions, allowing other users of the system to read its contents. When printed with certain popular printing frameworks, an additional temporary fi...

5.8AI score
Exploits0References1
Opera Security Advisories
Opera Security Advisories
added 2011/06/29 12:0 a.m.7 views

Issue with error pages can cause a system crash – Opera Security Advisories

When attempting to resolve a URL which cannot be interpreted as a legal URL, Opera will create an error page to display to the user when they load it. If enough invalid URLs can be created, Opera can use up all available disk space with these error pages, causing the browser or operating system t...

4.3CVSS5.7AI score0.02587EPSS
Exploits0References1
Opera Security Advisories
Opera Security Advisories
added 2011/02/11 12:0 a.m.7 views

HTTP header leakage when using Opera Turbo – Opera Security Advisories

HTTP header leakage when using Opera Turbo – Opera Security Advisories OPCOM Team | February 11, 2011 Severity High Description When using Opera Turbo, pages are requested by the Opera Turbo servers, sending the relevant HTTP headers for that request. In some cases, the headers are incorrectly...

5.8AI score
Exploits0References1
Opera Security Advisories
Opera Security Advisories
added 2011/01/25 12:0 a.m.7 views

Clickjacking attacks may be carried out against internal opera: URLs – Opera Security Advisories

Clickjacking attacks may be carried out against internal opera: URLs – Opera Security Advisories OPCOM Team | January 25, 2011 Severity High Description Internal opera: URLs which may be used to modify the Opera configuration have some intentional restrictions that are designed to mitigate possib...

5.7AI score
Exploits0References1
Opera Security Advisories
Opera Security Advisories
added 2010/10/11 12:0 a.m.7 views

JavaScript might run in the wrong context if loaded from error page – Opera Security Advisories

JavaScript might run in the wrong context if loaded from error page – Opera Security Advisories OPCOM Team | October 11, 2010 Severity Moderate Description If Opera is sent to an invalid URL, an error page will be displayed along with a link to the URL. The URL linked to might run scripts, and in...

5.7AI score
Exploits0References1
Opera Security Advisories
Opera Security Advisories
added 2010/06/29 12:0 a.m.7 views

Certain characters may be used for domain name spoofing – Opera Security Advisories

Certain characters may be used for domain name spoofing – Opera Security Advisories OPCOM Team | June 29, 2010 Severity Moderately severe Description Opera uses several approaches to prevent spoofing of internationalized domain names IDN with characters that look similar to each other. With...

5.7AI score
Exploits0References1
Opera Security Advisories
Opera Security Advisories
added 2008/12/16 12:0 a.m.7 views

Simulated text inputs can trick users into uploading arbitrary files – Opera Security Advisories

Simulated text inputs can trick users into uploading arbitrary files – Opera Security Advisories OPCOM Team | December 16, 2008 Severity: Moderately Severe Problem Description When a user types into a file input, scripts can cause some of the keystrokes to be ignored. If the script can convince t...

5.9AI score
Exploits0References1
Opera Security Advisories
Opera Security Advisories
added 2019/02/07 12:0 a.m.6 views

Opera Privacy Statement Update 2019

Privacy Opera Privacy Statement Update 2019 Share February 7th, 2019 This is an outdated article. Please read Opera Privacy Statement Update 2022 instead. We have recently updated our end-user license agreements and our terms of service have been updated as well. We are also about to update our...

8.8CVSS7.3AI score0.01654EPSS
Exploits4References1
Opera Security Advisories
Opera Security Advisories
added 2017/02/22 12:0 a.m.6 views

Opera installer mistakenly marked as malicious

Security Opera installer mistakenly marked as malicious Share February 22nd, 2017 During the past few days some of our users have contacted us raising the concern that the Qihoo 360 Total Security anti-virus software has been labelling the Opera installer executable for Windows as some form of...

8.8CVSS7.3AI score0.01654EPSS
Exploits4References1
Opera Security Advisories
Opera Security Advisories
added 2015/01/16 12:0 a.m.6 views

Thanks to the researchers 2015

Research Thanks to the researchers 2015 Share January 16th, 2015 At Opera Software, we run a large number of websites for our products and services, and we like to give credit to the researchers and website testers who offer their assistance to help us tighten the security of those websites. We...

8.8CVSS7.3AI score0.01654EPSS
Exploits4References1
Opera Security Advisories
Opera Security Advisories
added 2014/01/31 12:0 a.m.6 views

Security changes and features of Opera 19

Security Security changes and features of Opera 19 Share January 31st, 2014 Opera 19 is now been put through its paces on the Developer and Next channels, and is now out on the Stable channel. Opera 19 for Android has also recently been released. New features As with every release, each new featu...

8.8CVSS7.4AI score0.01654EPSS
Exploits4References1
Opera Security Advisories
Opera Security Advisories
added 2010/12/14 12:0 a.m.6 views

WAP form content can be leaked to other sites – Opera Security Advisories

When accepting user input in form fields on a WAP page, WML requires that the input contents are remembered, and used to populate every further input sharing the same name. This should continue as long as the user continues to click links known as a WAP session, even populating similarly named...

5.8AI score
Exploits0References1
Opera Security Advisories
Opera Security Advisories
added 2007/02/09 12:0 a.m.6 views

Opera security advisory 2004-12-10 – Opera Security Advisories

Opera security advisory 2004-12-10 – Opera Security Advisories OPCOM Team | February 9, 2007 Opera security advisory Named frames or windows can be hi-jacked by malicious frames or windows. Periods in the file name and non-breaking spaces in the Content-Type header can make the save/open dialog...

5.6AI score
Exploits0References1
Opera Security Advisories
Opera Security Advisories
added 2026/07/03 12:0 a.m.5 views

Security fix: Addressing a GX mods vulnerability

News, Security Security fix: Addressing a GX mods vulnerability Share July 3rd, 2026 Hi Opera users, Recently, an independent security researcher responsibly disclosed a vulnerability in Opera GX. The vulnerability, which has since been patched, took advantage of our mods functionality. After...

8.8CVSS7.2AI score0.01654EPSS
Exploits4References1
Opera Security Advisories
Opera Security Advisories
added 2018/02/13 12:0 a.m.5 views

Thanks to the researchers 2018

News Thanks to the researchers 2018 Share February 13th, 2018 Every year, researchers offer us their assistance to help enhance the security of our websites. We would like to thank those who discovered and reported security issues in 2018. EDIT: The list of researchers was moved to our new site,t...

8.8CVSS7.2AI score0.01654EPSS
Exploits4References1
Opera Security Advisories
Opera Security Advisories
added 2009/11/20 12:0 a.m.5 views

Heap buffer overflow in string to number conversion – Opera Security Advisories

Passing very long strings through the string to number conversion using JavaScript in Opera may result in heap buffer overflows. This also affects the dtoa routine, and was reported in CVE-2009-0689. In most cases Opera will just freeze or terminate, but in some cases this could lead to a crash...

6.8CVSS6AI score0.28167EPSS
Exploits43References1
Opera Security Advisories
Opera Security Advisories
added 2008/12/17 12:0 a.m.5 views

Certain characters can be used to allow cross-site scripting – Opera Security Advisories

Certain characters can be used to allow cross-site scripting – Opera Security Advisories OPCOM Team | December 17, 2008 Severity Highly Severe Problem Description When accepting HTML content from untrusted users, Web sites sometimes employ some kind of filtering to ensure that the content cannot...

5.1AI score
Exploits0References1
Opera Security Advisories
Opera Security Advisories
added 2008/12/16 12:0 a.m.5 views

The links panel can allow cross-site scripting – Opera Security Advisories

The links panel can allow cross-site scripting – Opera Security Advisories OPCOM Team | December 16, 2008 Severity Highly Severe Problem Description The links panel shows links in all frames on the current page, including links with JavaScript URLs. When a page is held in a frame, the script is...

5.7AI score
Exploits0References1
Total number of security vulnerabilities391