Total
285 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2012-6467 | 1 Opera | 1 Opera Browser | 2023-12-10 | 4.3 MEDIUM | N/A |
Opera before 12.10 follows Internet shortcuts that are referenced by a (1) IMG element or (2) other inline element, which makes it easier for remote attackers to conduct phishing attacks via a crafted web site, as exploited in the wild in November 2012. | |||||
CVE-2013-3211 | 1 Opera | 1 Opera Browser | 2023-12-10 | 10.0 HIGH | N/A |
Unspecified vulnerability in Opera before 12.15 has unknown impact and attack vectors, related to a "moderately severe issue." | |||||
CVE-2012-3559 | 2 Apple, Opera | 2 Mac Os X, Opera Browser | 2023-12-10 | 10.0 HIGH | N/A |
Unspecified vulnerability in Opera before 12.00 on Mac OS X has unknown impact and attack vectors, related to a "moderate severity issue." | |||||
CVE-2012-6460 | 1 Opera | 1 Opera Browser | 2023-12-10 | 5.0 MEDIUM | N/A |
Opera before 11.67 and 12.x before 12.02 allows remote attackers to cause truncation of a dialog, and possibly trigger downloading and execution of arbitrary programs, via a crafted web site. | |||||
CVE-2012-4144 | 4 Apple, Linux, Microsoft and 1 more | 4 Mac Os X, Linux Kernel, Windows and 1 more | 2023-12-10 | 4.3 MEDIUM | N/A |
Opera before 12.01 on Windows and UNIX, and before 11.66 and 12.x before 12.01 on Mac OS X, does not properly escape characters in DOM elements, which makes it easier for remote attackers to bypass cross-site scripting (XSS) protection mechanisms via a crafted HTML document. | |||||
CVE-2012-3564 | 1 Opera | 1 Opera Browser | 2023-12-10 | 5.0 MEDIUM | N/A |
Opera before 12.00 Beta allows remote attackers to cause a denial of service (application hang) via an absolutely positioned wrap=off TEXTAREA element located next to an "overflow: auto" block element. | |||||
CVE-2012-1925 | 1 Opera | 1 Opera Browser | 2023-12-10 | 6.8 MEDIUM | N/A |
Opera before 11.62 does not ensure that a dialog window is placed on top of content windows, which makes it easier for user-assisted remote attackers to trick users into downloading and executing arbitrary files via a download dialog located under other windows. | |||||
CVE-2012-3558 | 1 Opera | 1 Opera Browser | 2023-12-10 | 2.6 LOW | N/A |
Opera before 11.65 does not ensure that the address field corresponds to the displayed web page during unusually timed changes to this field, which makes it easier for user-assisted remote attackers to conduct spoofing attacks via vectors involving navigation, reloads, and redirects. | |||||
CVE-2012-4142 | 4 Apple, Linux, Microsoft and 1 more | 4 Mac Os X, Linux Kernel, Windows and 1 more | 2023-12-10 | 4.3 MEDIUM | N/A |
Opera before 12.01 on Windows and UNIX, and before 11.66 and 12.x before 12.01 on Mac OS X, ignores some characters in HTML documents in unspecified circumstances, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted document. | |||||
CVE-2012-4010 | 1 Opera | 1 Opera Browser | 2023-12-10 | 5.0 MEDIUM | N/A |
Opera before 11.60 allows remote attackers to spoof the address bar via unspecified homograph characters, a different vulnerability than CVE-2010-2660. | |||||
CVE-2012-1926 | 1 Opera | 1 Opera Browser | 2023-12-10 | 5.0 MEDIUM | N/A |
Opera before 11.62 allows remote attackers to bypass the Same Origin Policy via the (1) history.pushState and (2) history.replaceState functions in conjunction with cross-domain frames, leading to unintended read access to history.state information. | |||||
CVE-2012-4145 | 4 Apple, Linux, Microsoft and 1 more | 4 Mac Os X, Linux Kernel, Windows and 1 more | 2023-12-10 | 10.0 HIGH | N/A |
Unspecified vulnerability in Opera before 12.01 on Windows and UNIX, and before 11.66 and 12.x before 12.01 on Mac OS X, has unknown impact and attack vectors, related to a "low severity issue." | |||||
CVE-2013-4705 | 1 Opera | 1 Opera Browser | 2023-12-10 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in Opera before 15.00 allows remote attackers to inject arbitrary web script or HTML by leveraging UTF-8 encoding. | |||||
CVE-2012-3556 | 1 Opera | 1 Opera Browser | 2023-12-10 | 9.3 HIGH | N/A |
Opera before 11.65 does not properly restrict the opening of a pop-up window in response to the first click of a double-click action, which makes it easier for user-assisted remote attackers to conduct cross-site scripting (XSS) attacks or execute arbitrary code via a crafted web site. | |||||
CVE-2012-6469 | 1 Opera | 1 Opera Browser | 2023-12-10 | 5.0 MEDIUM | N/A |
Opera before 12.11 allows remote attackers to determine the existence of arbitrary local files via vectors involving web script in an error page. | |||||
CVE-2012-1251 | 1 Opera | 1 Opera Browser | 2023-12-10 | 5.8 MEDIUM | N/A |
Opera before 9.63 does not properly verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
CVE-2012-6466 | 1 Opera | 1 Opera Browser | 2023-12-10 | 5.0 MEDIUM | N/A |
Opera before 12.10 does not properly handle incorrect size data in a WebP image, which allows remote attackers to obtain potentially sensitive information from process memory by using a crafted image as the fill pattern for a canvas. | |||||
CVE-2012-3555 | 1 Opera | 1 Opera Browser | 2023-12-10 | 7.6 HIGH | N/A |
Opera before 11.65 does not ensure that keyboard sequences are associated with a visible window, which makes it easier for user-assisted remote attackers to conduct cross-site scripting (XSS) attacks or execute arbitrary code via a crafted web site, related to a "hidden keyboard navigation" issue. | |||||
CVE-2012-1929 | 2 Apple, Opera | 2 Mac Os X, Opera Browser | 2023-12-10 | 6.4 MEDIUM | N/A |
Opera before 11.62 on Mac OS X allows remote attackers to spoof the address field and security dialogs via crafted styling that causes page content to be displayed outside of the intended content area. | |||||
CVE-2012-1924 | 1 Opera | 1 Opera Browser | 2023-12-10 | 6.8 MEDIUM | N/A |
Opera before 11.62 allows user-assisted remote attackers to trick users into downloading and executing arbitrary files via a small window for the download dialog. |