Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
OperaOpera Browser10.62

105 matches found

CVE
CVEadded 2011/07/01 10:55 a.m.43 views

CVE-2011-1337

Opera before 11.50 allows remote attackers to cause a denial of service (disk consumption) via invalid URLs that trigger creation of error pages.

4.3CVSS7.2AI score0.02017EPSS
CVE
CVEadded 2011/07/01 10:55 a.m.43 views

CVE-2011-2610

Unspecified vulnerability in Opera before 11.50 has unknown impact and attack vectors, related to a "moderately severe issue."

10CVSS7.2AI score0.00533EPSS
CVE
CVEadded 2011/07/01 10:55 a.m.43 views

CVE-2011-2612

Unspecified vulnerability in Opera before 11.50 allows remote attackers to cause a denial of service (application crash) via unknown content on a web page, as demonstrated by progorod.ru.

5CVSS7.2AI score0.00492EPSS
CVE
CVEadded 2011/07/01 10:55 a.m.43 views

CVE-2011-2615

Unspecified vulnerability in Opera before 11.50 allows remote attackers to cause a denial of service (application hang) via unknown content on a web page, as demonstrated by domiteca.com.

5CVSS7.1AI score0.00492EPSS
CVE
CVEadded 2012/08/30 5:55 p.m.43 views

CVE-2012-4010

Opera before 11.60 allows remote attackers to spoof the address bar via unspecified homograph characters, a different vulnerability than CVE-2010-2660.

5CVSS6.5AI score0.01003EPSS
CVE
CVEadded 2013/09/13 2:10 p.m.43 views

CVE-2013-4705

Cross-site scripting (XSS) vulnerability in Opera before 15.00 allows remote attackers to inject arbitrary web script or HTML by leveraging UTF-8 encoding.

4.3CVSS5.8AI score0.00254EPSS
CVE
CVEadded 2011/01/31 9:0 p.m.42 views

CVE-2011-0685

The Delete Private Data feature in Opera before 11.01 does not properly implement the "Clear all email account passwords" option, which might allow physically proximate attackers to access an e-mail account via an unattended workstation.

2.1CVSS7.2AI score0.0007EPSS
CVE
CVEadded 2011/07/01 10:55 a.m.42 views

CVE-2011-2620

Unspecified vulnerability in Opera before 11.50 allows remote attackers to cause a denial of service (application crash) via vectors involving SVG animation.

5CVSS7AI score0.00535EPSS
CVE
CVEadded 2011/07/01 10:55 a.m.42 views

CVE-2011-2634

Opera before 11.10 allows remote attackers to hijack (1) searches and (2) customizations via unspecified third party applications.

5CVSS7.3AI score0.00274EPSS
CVE
CVEadded 2011/07/01 10:55 a.m.42 views

CVE-2011-2636

Unspecified vulnerability in Opera before 11.10 allows remote attackers to cause a denial of service (application crash) via unknown content on a web page, as demonstrated by a certain Tomato Firmware page.

5CVSS7.2AI score0.00492EPSS
CVE
CVEadded 2011/07/01 10:55 a.m.42 views

CVE-2011-2639

Opera before 11.10 does not properly handle hidden animated GIF images, which allows remote attackers to cause a denial of service (CPU consumption) via an image file that triggers continual repaints.

5CVSS7.2AI score0.00535EPSS
CVE
CVEadded 2012/03/28 3:22 a.m.42 views

CVE-2012-1927

Opera before 11.62 allows remote attackers to spoof the address field by triggering the launch of a dialog window associated with a different domain.

6.4CVSS7.2AI score0.01662EPSS
CVE
CVEadded 2012/06/14 7:55 p.m.42 views

CVE-2012-3557

Opera before 11.65 does not properly restrict the reading of JSON strings, which allows remote attackers to perform cross-domain loading of JSON resources and consequently obtain sensitive information via a crafted web site.

5CVSS7.1AI score0.00377EPSS
CVE
CVEadded 2012/06/14 7:55 p.m.42 views

CVE-2012-3561

Opera before 11.64 does not properly allocate memory for URL strings, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted string.

10CVSS7.9AI score0.10215EPSS
CVE
CVEadded 2012/06/14 7:55 p.m.42 views

CVE-2012-3565

Opera before 12.00 Beta allows remote attackers to cause a denial of service (application crash) via crafted characters in domain names, as demonstrated by "IDNA2008 tests."

5CVSS6.6AI score0.00474EPSS
CVE
CVEadded 2012/08/06 4:55 p.m.42 views

CVE-2012-4144

Opera before 12.01 on Windows and UNIX, and before 11.66 and 12.x before 12.01 on Mac OS X, does not properly escape characters in DOM elements, which makes it easier for remote attackers to bypass cross-site scripting (XSS) protection mechanisms via a crafted HTML document.

4.3CVSS5.4AI score0.01007EPSS
CVE
CVEadded 2011/01/31 8:0 p.m.41 views

CVE-2011-0450

The downloads manager in Opera before 11.01 on Windows does not properly determine the pathname of the filesystem-viewing application, which allows user-assisted remote attackers to execute arbitrary code via a crafted web site that hosts an executable file.

7.6CVSS7.3AI score0.03799EPSS
CVE
CVEadded 2011/07/01 10:55 a.m.41 views

CVE-2011-2613

The Array.prototype.join method in Opera before 11.50 allows remote attackers to cause a denial of service (application crash) via a non-array object that contains initial holes.

5CVSS7.1AI score0.00535EPSS
CVE
CVEadded 2011/07/01 10:55 a.m.41 views

CVE-2011-2623

Unspecified vulnerability in the SVG BiDi implementation in Opera before 11.50 allows remote attackers to cause a denial of service (application crash or hang) via unknown vectors.

5CVSS7.1AI score0.00535EPSS
CVE
CVEadded 2011/07/01 10:55 a.m.41 views

CVE-2011-2625

Opera before 11.50 allows remote attackers to cause a denial of service (application crash) via a SELECT element that contains many OPTION elements.

5CVSS7.1AI score0.00535EPSS
CVE
CVEadded 2011/07/01 10:55 a.m.41 views

CVE-2011-2626

Opera before 11.50 allows remote attackers to cause a denial of service (application crash) by using "injected script" to set the SRC attribute of an IFRAME element.

5CVSS7.1AI score0.00535EPSS
CVE
CVEadded 2012/06/14 7:55 p.m.41 views

CVE-2012-3563

Opera before 12.00 Beta allows remote attackers to cause a denial of service (application crash) via a web page that contains invalid character encodings.

5CVSS6.6AI score0.00436EPSS
CVE
CVEadded 2012/06/14 7:55 p.m.41 views

CVE-2012-3566

Opera before 12.00 Beta allows user-assisted remote attackers to cause a denial of service (application hang) via JavaScript code that changes a form before submission.

4.3CVSS6.7AI score0.00443EPSS
CVE
CVEadded 2013/01/02 11:46 a.m.41 views

CVE-2012-6463

Cross-site scripting (XSS) vulnerability in Opera before 12.10 allows remote attackers to inject arbitrary web script or HTML via vectors involving an unspecified sequence of loading of documents and loading of data: URLs.

4.3CVSS5.6AI score0.00263EPSS
CVE
CVEadded 2014/02/06 10:55 p.m.41 views

CVE-2014-0815

The intent: URL implementation in Opera before 18 on Android allows attackers to read local files by leveraging an interaction error, as demonstrated by reading stored cookies.

4.3CVSS6.1AI score0.00375EPSS
CVE
CVEadded 2010/12/22 3:0 a.m.40 views

CVE-2010-4587

Opera before 11.00 on Windows does not properly implement the Insecure Third Party Module warning message, which might make it easier for user-assisted remote attackers to have an unspecified impact via a crafted module.

9.3CVSS6.8AI score0.00574EPSS
CVE
CVEadded 2011/01/31 9:0 p.m.40 views

CVE-2011-0683

Opera before 11.01 does not properly restrict the use of opera: URLs, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web site.

4.3CVSS7.2AI score0.00958EPSS
CVE
CVEadded 2011/07/01 10:55 a.m.40 views

CVE-2011-2630

Opera before 11.11 allows user-assisted remote attackers to cause a denial of service (application crash) via a crafted web page that is not properly handled during a reload occurring after the opening of a popup of the Easy Sticky Note extension.

4.3CVSS7.1AI score0.00461EPSS
CVE
CVEadded 2012/03/28 3:22 a.m.40 views

CVE-2012-1929

Opera before 11.62 on Mac OS X allows remote attackers to spoof the address field and security dialogs via crafted styling that causes page content to be displayed outside of the intended content area.

6.4CVSS6.6AI score0.01039EPSS
CVE
CVEadded 2012/06/14 7:55 p.m.40 views

CVE-2012-3560

Opera before 11.65 does not ensure that the address field corresponds to the displayed web page during blocked navigation, which makes it easier for remote attackers to conduct spoofing attacks by detecting and preventing attempts to load a different web page.

4.3CVSS7.2AI score0.00722EPSS
CVE
CVEadded 2012/06/14 7:55 p.m.40 views

CVE-2012-3564

Opera before 12.00 Beta allows remote attackers to cause a denial of service (application hang) via an absolutely positioned wrap=off TEXTAREA element located next to an "overflow: auto" block element.

5CVSS6.6AI score0.00474EPSS
CVE
CVEadded 2013/01/02 11:46 a.m.40 views

CVE-2012-6467

Opera before 12.10 follows Internet shortcuts that are referenced by a (1) IMG element or (2) other inline element, which makes it easier for remote attackers to conduct phishing attacks via a crafted web site, as exploited in the wild in November 2012.

4.3CVSS6.4AI score0.00245EPSS
CVE
CVEadded 2011/01/31 9:0 p.m.39 views

CVE-2011-0687

Opera before 11.01 does not properly implement Wireless Application Protocol (WAP) dropdown lists, which allows user-assisted remote attackers to cause a denial of service (application crash) via a crafted WAP document.

4.3CVSS7.1AI score0.01567EPSS
CVE
CVEadded 2011/07/01 10:55 a.m.39 views

CVE-2011-2633

Unspecified vulnerability in Opera before 11.11 allows remote attackers to cause a denial of service (application crash) via vectors involving a Certificate Revocation List (CRL) file, as demonstrated by the multicert-ca-02.crl file.

5CVSS7AI score0.00288EPSS
CVE
CVEadded 2011/07/01 10:55 a.m.39 views

CVE-2011-2635

The Cascading Style Sheets (CSS) implementation in Opera before 11.10 allows remote attackers to cause a denial of service (application crash) via vectors involving use of the :hover pseudo-class, in conjunction with transforms, for a floated element.

5CVSS7.1AI score0.00535EPSS
CVE
CVEadded 2011/07/01 10:55 a.m.39 views

CVE-2011-2640

Opera before 11.10 allows remote attackers to cause a denial of service (application crash) via an HTML document that has an empty parameter value for an embedded Java applet.

5CVSS7.2AI score0.00734EPSS
CVE
CVEadded 2011/12/07 7:55 p.m.39 views

CVE-2011-4684

Opera before 11.60 does not properly handle certificate revocation, which has unspecified impact and remote attack vectors related to "corner cases."

10CVSS6.4AI score0.09368EPSS
CVE
CVEadded 2012/06/14 7:55 p.m.39 views

CVE-2012-3567

Opera before 12.00 Beta allows remote attackers to cause a denial of service (memory consumption or application hang) via an IFRAME element that uses the src="#" syntax to embed a parent document.

5CVSS6.7AI score0.00474EPSS
CVE
CVEadded 2013/04/19 11:44 a.m.39 views

CVE-2013-3210

Opera before 12.15 does not properly block top-level domains in Set-Cookie headers, which allows remote attackers to obtain sensitive information by leveraging control of a different web site in the same top-level domain.

5CVSS6AI score0.0023EPSS
CVE
CVEadded 2010/12/22 3:0 a.m.38 views

CVE-2010-4580

Opera before 11.00 does not clear WAP WML form fields after manual navigation to a new web site, which allows remote attackers to obtain sensitive information via an input field that has the same name as an input field on a previously visited web site.

5CVSS7.1AI score0.00722EPSS
CVE
CVEadded 2010/12/22 3:0 a.m.38 views

CVE-2010-4581

Unspecified vulnerability in Opera before 11.00 has unknown impact and attack vectors, related to "a high severity issue."

10CVSS7.2AI score0.0046EPSS
CVE
CVEadded 2010/12/22 3:0 a.m.38 views

CVE-2010-4582

Opera before 11.00 does not properly handle security policies during updates to extensions, which might allow remote attackers to bypass intended access restrictions via unspecified vectors.

5CVSS7.3AI score0.00283EPSS
CVE
CVEadded 2011/01/31 9:0 p.m.38 views

CVE-2011-0686

Unspecified vulnerability in Opera before 11.01 allows remote attackers to cause a denial of service (application crash) via unknown content on a web page, as demonstrated by vkontakte.ru.

5CVSS7.2AI score0.01347EPSS
CVE
CVEadded 2011/07/01 10:55 a.m.38 views

CVE-2011-2618

Opera before 11.50 allows remote attackers to cause a denial of service (application crash) via web script that moves a (1) AUDIO element or (2) VIDEO element between windows.

5CVSS7.2AI score0.00492EPSS
CVE
CVEadded 2011/07/01 10:55 a.m.38 views

CVE-2011-2619

Opera before 11.50 allows remote attackers to cause a denial of service (application crash) via a gradient with many stops, related to the implementation of CANVAS elements, SVG, and Cascading Style Sheets (CSS).

5CVSS7.1AI score0.00535EPSS
CVE
CVEadded 2012/08/06 4:55 p.m.38 views

CVE-2012-4143

Opera before 12.01 on Windows and UNIX, and before 11.66 and 12.x before 12.01 on Mac OS X, allows user-assisted remote attackers to trick users into downloading and executing arbitrary files via a small window for the download dialog, a different vulnerability than CVE-2012-1924.

6.8CVSS6.6AI score0.01216EPSS
CVE
CVEadded 2013/01/02 11:46 a.m.38 views

CVE-2012-6462

Opera before 12.10 does not properly implement the Cross-Origin Resource Sharing (CORS) specification, which allows remote attackers to bypass intended page-content restrictions via a crafted request.

5CVSS6.4AI score0.00184EPSS
CVE
CVEadded 2013/01/02 11:46 a.m.38 views

CVE-2012-6472

Opera before 12.12 on UNIX uses weak permissions for the profile directory, which allows local users to obtain sensitive information by reading a (1) cache file, (2) password file, or (3) configuration file, or (4) possibly gain privileges by modifying or overwriting a configuration file.

4.6CVSS6.3AI score0.00041EPSS
CVE
CVEadded 2012/03/28 3:22 a.m.37 views

CVE-2012-1930

Opera before 11.62 on UNIX uses world-readable permissions for temporary files during printing, which allows local users to obtain sensitive information by reading these files.

4.6CVSS7AI score0.00046EPSS
CVE
CVEadded 2012/06/14 7:55 p.m.37 views

CVE-2012-3559

Unspecified vulnerability in Opera before 12.00 on Mac OS X has unknown impact and attack vectors, related to a "moderate severity issue."

10CVSS6.7AI score0.00331EPSS
Total number of security vulnerabilities105