Total
285 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-3021 | 1 Opera | 1 Opera Browser | 2026-04-29 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in Opera before 10.61 allows remote attackers to cause a denial of service (CPU consumption and application hang) via an animated PNG image. | |||||
| CVE-2010-4044 | 1 Opera | 1 Opera Browser | 2026-04-29 | 4.3 MEDIUM | N/A |
| Opera before 10.63 does not ensure that the portion of a URL shown in the Address Bar contains the beginning of the URL, which allows remote attackers to spoof URLs by changing a window's size. | |||||
| CVE-2010-2662 | 1 Opera | 1 Opera Browser | 2026-04-29 | 4.3 MEDIUM | N/A |
| Opera before 10.60 allows remote attackers to bypass the popup blocker via a javascript: URL and a "fake click." | |||||
| CVE-2012-6465 | 1 Opera | 1 Opera Browser | 2026-04-29 | 9.3 HIGH | N/A |
| Opera before 12.10 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a malformed SVG image. | |||||
| CVE-2012-1931 | 2 Opera, Unix | 2 Opera Browser, Unix | 2026-04-29 | 4.6 MEDIUM | N/A |
| Opera before 11.62 on UNIX, when used in conjunction with an unspecified printing application, allows local users to overwrite arbitrary files via a symlink attack on a temporary file during printing. | |||||
| CVE-2012-6461 | 1 Opera | 1 Opera Browser | 2026-04-29 | 5.0 MEDIUM | N/A |
| The X.509 certificate-validation functionality in the https implementation in Opera before 12.10 allows remote attackers to trigger a false indication of successful revocation-status checking by causing a failure of a single checking service. | |||||
| CVE-2011-2634 | 1 Opera | 1 Opera Browser | 2026-04-29 | 5.0 MEDIUM | N/A |
| Opera before 11.10 allows remote attackers to hijack (1) searches and (2) customizations via unspecified third party applications. | |||||
| CVE-2011-2637 | 1 Opera | 1 Opera Browser | 2026-04-29 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in Opera before 11.10 allows remote attackers to cause a denial of service (application crash) via unknown content on a web page, as demonstrated by futura-sciences.com, seoptimise.com, and mitosyfraudes.org. | |||||
| CVE-2011-2628 | 1 Opera | 1 Opera Browser | 2026-04-29 | 10.0 HIGH | N/A |
| Opera before 11.11 does not properly implement FRAMESET elements, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to page unload. | |||||
| CVE-2012-3567 | 1 Opera | 1 Opera Browser | 2026-04-29 | 5.0 MEDIUM | N/A |
| Opera before 12.00 Beta allows remote attackers to cause a denial of service (memory consumption or application hang) via an IFRAME element that uses the src="#" syntax to embed a parent document. | |||||
| CVE-2011-2620 | 1 Opera | 1 Opera Browser | 2026-04-29 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in Opera before 11.50 allows remote attackers to cause a denial of service (application crash) via vectors involving SVG animation. | |||||
| CVE-2012-1930 | 2 Opera, Unix | 2 Opera Browser, Unix | 2026-04-29 | 4.6 MEDIUM | N/A |
| Opera before 11.62 on UNIX uses world-readable permissions for temporary files during printing, which allows local users to obtain sensitive information by reading these files. | |||||
| CVE-2010-3020 | 1 Opera | 1 Opera Browser | 2026-04-29 | 5.0 MEDIUM | N/A |
| The news-feed preview feature in Opera before 10.61 does not properly remove scripts, which allows remote attackers to force subscriptions to arbitrary feeds via crafted content. | |||||
| CVE-2013-1639 | 1 Opera | 1 Opera Browser | 2026-04-29 | 6.8 MEDIUM | N/A |
| Opera before 12.13 does not send CORS preflight requests in all required cases, which allows remote attackers to bypass a CSRF protection mechanism via a crafted web site that triggers a CORS request. | |||||
| CVE-2012-3561 | 1 Opera | 1 Opera Browser | 2026-04-29 | 10.0 HIGH | N/A |
| Opera before 11.64 does not properly allocate memory for URL strings, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted string. | |||||
| CVE-2011-2629 | 1 Opera | 1 Opera Browser | 2026-04-29 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in Opera before 11.11 allows remote attackers to cause a denial of service (application crash) via unknown content on a web page, as demonstrated by www.falk.de. | |||||
| CVE-2013-3210 | 1 Opera | 1 Opera Browser | 2026-04-29 | 5.0 MEDIUM | N/A |
| Opera before 12.15 does not properly block top-level domains in Set-Cookie headers, which allows remote attackers to obtain sensitive information by leveraging control of a different web site in the same top-level domain. | |||||
| CVE-2011-2617 | 1 Opera | 1 Opera Browser | 2026-04-29 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in Opera before 11.50 allows remote attackers to cause a denial of service (application crash) via vectors related to selecting a text node, and closed pop-up windows, removed pop-up windows, and IFRAME elements. | |||||
| CVE-2011-2640 | 1 Opera | 1 Opera Browser | 2026-04-29 | 5.0 MEDIUM | N/A |
| Opera before 11.10 allows remote attackers to cause a denial of service (application crash) via an HTML document that has an empty parameter value for an embedded Java applet. | |||||
| CVE-2012-6467 | 1 Opera | 1 Opera Browser | 2026-04-29 | 4.3 MEDIUM | N/A |
| Opera before 12.10 follows Internet shortcuts that are referenced by a (1) IMG element or (2) other inline element, which makes it easier for remote attackers to conduct phishing attacks via a crafted web site, as exploited in the wild in November 2012. | |||||