Vulnerabilities > Opera
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-12-26 | CVE-2018-16135 | Unspecified vulnerability in Opera Mini 47.1.2249.129326 The Opera Mini application 47.1.2249.129326 for Android allows remote attackers to spoof the Location Permission dialog via a crafted web site. | 6.5 |
2021-01-11 | CVE-2021-23253 | Unspecified vulnerability in Opera Mini Opera Mini for Android below 53.1 displays URL left-aligned in the address field. | 5.3 |
2020-12-23 | CVE-2020-6159 | Cross-site Scripting vulnerability in Opera 52.1.2517.139570/54.0.2669.49432 URLs using “javascript:” have the protocol removed when pasted into the address bar to protect users from cross-site scripting (XSS) attacks, but in certain circumstances this removal was not performed. | 6.1 |
2020-11-13 | CVE-2020-6157 | Unspecified vulnerability in Opera Touch Opera Touch for iOS before version 2.4.5 is vulnerable to an address bar spoofing attack. | 4.3 |
2020-03-12 | CVE-2019-12278 | Unspecified vulnerability in Opera 52.1.2517.139570 Opera through 53 on Android allows Address Bar Spoofing. | 4.3 |
2019-12-18 | CVE-2019-19788 | Unspecified vulnerability in Opera 52.1.2517.139570 Opera for Android before 54.0.2669.49432 is vulnerable to a sandboxed cross-origin iframe bypass attack. | 5.5 |
2019-10-29 | CVE-2019-18624 | Unspecified vulnerability in Opera Mini 44.1.2254.142553/44.1.2254.142659/44.1.2254.143214 Opera Mini for Android allows attackers to bypass intended restrictions on .apk file download/installation via an RTLO (aka Right to Left Override) approach, as demonstrated by misinterpretation of malicious%E2%80%AEtxt.apk as maliciouskpa.txt. | 9.8 |
2019-07-18 | CVE-2019-13607 | Cross-site Scripting vulnerability in Opera Mini 16.0.14 The Opera Mini application through 16.0.14 for iOS has a UXSS vulnerability that can be triggered by performing navigation to a javascript: URL. | 6.1 |
2019-03-21 | CVE-2018-18913 | Untrusted Search Path vulnerability in Opera Browser Opera before 57.0.3098.106 is vulnerable to a DLL Search Order hijacking attack where an attacker can send a ZIP archive composed of an HTML page along with a malicious DLL to the target. | 7.8 |
2018-03-28 | CVE-2018-6608 | Information Exposure vulnerability in Opera Browser 51.0.2830.55 In the WebRTC component in Opera 51.0.2830.55, after visiting a web site that attempts to gather complete client information (such as https://ip.voidsec.com), the browser can disclose a private IP address in a STUN request. | 4.3 |