Vulnerabilities (CVE)

Filtered by vendor Opera Software Subscribe
Total 75 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2002-2311 2 Microsoft, Opera Software 2 Internet Explorer, Opera Web Browser 2021-07-23 6.4 MEDIUM N/A
Microsoft Internet Explorer 6.0 and possibly others allows remote attackers to upload arbitrary file contents when users press a key corresponding to the JavaScript (1) event.ctrlKey or (2) event.shiftKey onkeydown event contained in a webpage. NOTE: it was reported that the vendor has disputed the severity of this issue.
CVE-2009-3832 3 Microsoft, Opera, Opera Software 4 Windows, Brew Browser, Opera Browser and 1 more 2018-10-30 5.8 MEDIUM N/A
Opera before 10.01 on Windows does not prevent use of Web fonts in rendering the product's own user interface, which allows remote attackers to spoof the address field via a crafted web site.
CVE-2009-3831 3 Microsoft, Opera, Opera Software 4 Windows, Brew Browser, Opera Browser and 1 more 2018-10-30 9.3 HIGH N/A
Opera before 10.01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted domain name.
CVE-2005-3750 1 Opera Software 1 Opera Web Browser 2018-10-19 7.5 HIGH N/A
Opera before 8.51 on Linux and Unix systems allows remote attackers to execute arbitrary code via shell metacharacters (backticks) in a URL that another product provides in a command line argument when launching Opera.
CVE-2005-3946 1 Opera Software 1 Opera Web Browser 2018-10-19 5.0 MEDIUM N/A
Opera 8.50 allows remote attackers to cause a denial of service (crash) via a Java applet with a large string argument to the removeMember JNI method for the com.opera.JSObject class.
CVE-2006-3353 1 Opera Software 1 Opera Web Browser 2018-10-18 5.0 MEDIUM N/A
Opera 9 allows remote attackers to cause a denial of service (crash) via a crafted web page that triggers an out-of-bounds memory access, related to an iframe and JavaScript that accesses certain style sheets properties.
CVE-2006-3199 1 Opera Software 1 Opera Web Browser 2018-10-18 5.0 MEDIUM N/A
Opera 9 allows remote attackers to cause a denial of service (crash) via an A tag with an href attribute with a URL containing a long hostname, which triggers an out-of-bounds operation.
CVE-2006-3198 1 Opera Software 1 Opera Web Browser 2018-10-18 7.5 HIGH N/A
Integer overflow in Opera 8.54 and earlier allows remote attackers to execute arbitrary code via a JPEG image with large height and width values, which causes less memory to be allocated than intended.
CVE-2006-3331 1 Opera Software 1 Opera Web Browser 2018-10-18 5.0 MEDIUM N/A
Opera before 9.0 does not reset the SSL security bar after displaying a download dialog from an SSL-enabled website, which allows remote attackers to spoof a trusted SSL certificate from an untrusted website and facilitates phishing attacks.
CVE-2007-0802 2 Mozilla, Opera Software 2 Firefox, Opera 2018-10-16 6.4 MEDIUM N/A
Mozilla Firefox 2.0.0.1 allows remote attackers to bypass the Phishing Protection mechanism by adding certain characters to the end of the domain name, as demonstrated by the "." and "/" characters, which is not caught by the Phishing List blacklist filter.
CVE-1999-1283 1 Opera Software 1 Opera Web Browser 2017-12-19 5.0 MEDIUM N/A
Opera 3.2.1 allows remote attackers to cause a denial of service (application crash) via a URL that contains an extra / in the http:// tag.
CVE-2007-2274 1 Opera Software 1 Opera 2017-10-11 7.8 HIGH N/A
The BitTorrent implementation in Opera 9.2 allows remote attackers to cause a denial of service (CPU consumption and application crash) via a malformed torrent file. NOTE: the original disclosure refers to this as a memory leak, but it is not certain.
CVE-2005-0233 3 Mozilla, Omnigroup, Opera Software 5 Camino, Firefox, Mozilla and 2 more 2017-10-11 7.5 HIGH N/A
The International Domain Name (IDN) support in Firefox 1.0, Camino .8.5, and Mozilla before 1.7.6 allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that uses homograph characters from other character sets, which facilitates phishing attacks.
CVE-2004-0411 2 Kde, Opera Software 2 Konqueror, Opera Web Browser 2017-10-11 7.5 HIGH N/A
The URI handlers in Konqueror for KDE 3.2.2 and earlier do not properly filter "-" characters that begin a hostname in a (1) telnet, (2) rlogin, (3) ssh, or (4) mailto URI, which allows remote attackers to manipulate the options that are passed to the associated programs, possibly to read arbitrary files or execute arbitrary code.
CVE-2009-0915 2 Opera, Opera Software 2 Opera, Opera Web Browser 2017-09-29 6.8 MEDIUM N/A
Opera before 9.64 allows remote attackers to conduct cross-domain scripting attacks via unspecified vectors related to plug-ins.
CVE-2008-2716 1 Opera Software 1 Opera 2017-08-08 5.0 MEDIUM N/A
Unspecified vulnerability in Opera before 9.5 allows remote attackers to spoof the contents of trusted frames on the same parent page by modifying the location, which can facilitate phishing attacks.
CVE-2007-3929 1 Opera Software 1 Opera Web Browser 2017-07-29 9.3 HIGH N/A
Use-after-free vulnerability in the BitTorrent support in Opera before 9.22 allows user-assisted remote attackers to execute arbitrary code via a crafted header in a torrent file, which leaves a dangling pointer to an invalid object.
CVE-2007-4367 1 Opera Software 1 Opera Web Browser 2017-07-29 9.3 HIGH N/A
Opera before 9.23 allows remote attackers to execute arbitrary code via crafted Javascript that triggers a "virtual function call on an invalid pointer."
CVE-2007-2809 1 Opera Software 1 Opera Web Browser 2017-07-29 9.3 HIGH N/A
Buffer overflow in the transfer manager in Opera before 9.21 for Windows allows user-assisted remote attackers to execute arbitrary code via a crafted torrent file. NOTE: due to the lack of details, it is not clear if this is the same issue as CVE-2007-2274.
CVE-2007-1377 4 Adobe, Mozilla, Netscape and 1 more 4 Acrobat Reader, Firefox, Navigator and 1 more 2017-07-29 5.0 MEDIUM N/A
AcroPDF.DLL in Adobe Reader 8.0, when accessed from Mozilla Firefox, Netscape, or Opera, allows remote attackers to cause a denial of service (unspecified resource consumption) via a .pdf URL with an anchor identifier that begins with search= followed by many %n sequences, a different vulnerability than CVE-2006-6027 and CVE-2006-6236.