Total
285 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-4046 | 1 Opera | 1 Opera Browser | 2024-02-28 | 4.3 MEDIUM | N/A |
| Opera before 10.63 does not properly verify the origin of video content, which allows remote attackers to obtain sensitive information by using a video stream as HTML5 canvas content. | |||||
| CVE-2010-1993 | 1 Opera | 1 Opera Browser | 2024-02-28 | 5.0 MEDIUM | N/A |
| Opera 9.52 does not properly handle an IFRAME element with a mailto: URL in its SRC attribute, which allows remote attackers to cause a denial of service (resource consumption) via an HTML document with many IFRAME elements. | |||||
| CVE-2010-4581 | 1 Opera | 1 Opera Browser | 2024-02-28 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Opera before 11.00 has unknown impact and attack vectors, related to "a high severity issue." | |||||
| CVE-2011-2616 | 1 Opera | 1 Opera Browser | 2024-02-28 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in Opera before 11.50 allows remote attackers to cause a denial of service (memory consumption) via unknown content on a web page, as demonstrated by test262.ecmascript.org. | |||||
| CVE-2010-4045 | 1 Opera | 1 Opera Browser | 2024-02-28 | 9.3 HIGH | N/A |
| Opera before 10.63 does not properly restrict web script in unspecified circumstances involving reloads and redirects, which allows remote attackers to spoof the Address Bar, conduct cross-site scripting (XSS) attacks, and possibly execute arbitrary code by leveraging the ability of a script to interact with a web page from (1) a different domain or (2) a different security context. | |||||
| CVE-2011-2621 | 1 Opera | 1 Opera Browser | 2024-02-28 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in Opera before 11.50 allows remote attackers to cause a denial of service (application crash) via vectors related to form layout. | |||||
| CVE-2011-4683 | 1 Opera | 1 Opera Browser | 2024-02-28 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Opera before 11.60 has unknown impact and attack vectors, related to a "moderately severe issue." | |||||
| CVE-2010-1310 | 1 Opera | 1 Opera Browser | 2024-02-28 | 5.0 MEDIUM | N/A |
| Opera 10.50 allows remote attackers to obtain sensitive information via crafted XSLT constructs, which cause Opera to return cached contents of other pages. | |||||
| CVE-2011-2634 | 1 Opera | 1 Opera Browser | 2024-02-28 | 5.0 MEDIUM | N/A |
| Opera before 11.10 allows remote attackers to hijack (1) searches and (2) customizations via unspecified third party applications. | |||||
| CVE-2010-5068 | 1 Opera | 1 Opera Browser | 2024-02-28 | 4.3 MEDIUM | N/A |
| The Cascading Style Sheets (CSS) implementation in Opera 10.5 does not properly handle the :visited pseudo-class, which allows remote attackers to obtain sensitive information about visited web pages via a crafted HTML document, a related issue to CVE-2010-2264. | |||||
| CVE-2011-2613 | 1 Opera | 1 Opera Browser | 2024-02-28 | 5.0 MEDIUM | N/A |
| The Array.prototype.join method in Opera before 11.50 allows remote attackers to cause a denial of service (application crash) via a non-array object that contains initial holes. | |||||
| CVE-2010-4585 | 1 Opera | 1 Opera Browser | 2024-02-28 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the auto-update functionality in Opera before 11.00 allows remote attackers to cause a denial of service (application crash) by triggering an Opera Unite update. | |||||
| CVE-2011-2631 | 1 Opera | 1 Opera Browser | 2024-02-28 | 5.0 MEDIUM | N/A |
| The Cascading Style Sheets (CSS) implementation in Opera before 11.11 does not properly handle the column-count property, which allows remote attackers to cause a denial of service (infinite repaint loop and application hang) via a web page, as demonstrated by an unspecified Wikipedia page. | |||||
| CVE-2010-1349 | 2 Microsoft, Opera | 2 Windows, Opera Browser | 2024-02-28 | 10.0 HIGH | N/A |
| Integer overflow in Opera 10.10 through 10.50 allows remote attackers to execute arbitrary code via a large Content-Length value, which triggers a heap overflow. | |||||
| CVE-2010-3021 | 1 Opera | 1 Opera Browser | 2024-02-28 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in Opera before 10.61 allows remote attackers to cause a denial of service (CPU consumption and application hang) via an animated PNG image. | |||||
| CVE-2010-2576 | 1 Opera | 1 Opera Browser | 2024-02-28 | 6.8 MEDIUM | N/A |
| Opera before 10.61 does not properly suppress clicks on download dialogs that became visible after a recent tab change, which allows remote attackers to conduct clickjacking attacks, and consequently execute arbitrary code, via vectors involving (1) closing a tab or (2) hiding a tab, a related issue to CVE-2005-2407. | |||||
| CVE-2010-4584 | 1 Opera | 1 Opera Browser | 2024-02-28 | 2.6 LOW | N/A |
| Opera before 11.00, when Opera Turbo is used, does not properly present information about problematic X.509 certificates on https web sites, which might make it easier for remote attackers to spoof trusted content via a crafted web site. | |||||
| CVE-2011-0683 | 1 Opera | 1 Opera Browser | 2024-02-28 | 4.3 MEDIUM | N/A |
| Opera before 11.01 does not properly restrict the use of opera: URLs, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web site. | |||||
| CVE-2010-2665 | 4 Apple, Microsoft, Opera and 1 more | 4 Mac Os X, Windows, Opera Browser and 1 more | 2024-02-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Opera before 10.54 on Windows and Mac OS X, and before 10.11 on UNIX platforms, allows remote attackers to inject arbitrary web script or HTML via a data: URI, related to incorrect detection of the "opening site." | |||||
| CVE-2010-4044 | 1 Opera | 1 Opera Browser | 2024-02-28 | 4.3 MEDIUM | N/A |
| Opera before 10.63 does not ensure that the portion of a URL shown in the Address Bar contains the beginning of the URL, which allows remote attackers to spoof URLs by changing a window's size. | |||||