Vulnerabilities > Opera > Opera
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2008-10-30 | CVE-2008-4794 | Improper Input Validation vulnerability in Opera Opera before 9.62 allows remote attackers to execute arbitrary commands via the History Search results page, a different vulnerability than CVE-2008-4696. | 9.3 |
2008-10-23 | CVE-2008-4696 | Cross-Site Scripting vulnerability in Opera Cross-site scripting (XSS) vulnerability in Opera.dll in Opera before 9.61 allows remote attackers to inject arbitrary web script or HTML via the anchor identifier (aka the "optional fragment"), which is not properly escaped before storage in the History Search database (aka md.dat). | 4.3 |
2008-10-23 | CVE-2008-4695 | Information Exposure vulnerability in Opera Opera before 9.60 allows remote attackers to obtain sensitive information and have unspecified other impact by predicting the cache pathname of a cached Java applet and then launching this applet from the cache, leading to applet execution within the local-machine context. | 9.3 |
2008-09-27 | CVE-2008-4293 | Multiple Security vulnerability in Opera Web Browser 9.51 Unspecified vulnerability in Opera before 9.52 on Windows, when registered as a protocol handler, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors in which Opera is launched by other applications. | 10.0 |
2008-07-14 | CVE-2008-3172 | Permissions, Privileges, and Access Controls vulnerability in Opera Opera allows web sites to set cookies for country-specific top-level domains that have DNS A records, such as co.tv, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session, aka "Cross-Site Cooking." | 6.8 |
2008-07-09 | CVE-2008-3079 | Remote Security vulnerability in Opera Unspecified vulnerability in Opera before 9.51 on Windows allows attackers to execute arbitrary code via unknown vectors. | 10.0 |
2008-04-12 | CVE-2008-1764 | Unspecified vulnerability in Opera Unspecified vulnerability in Opera before 9.27 has unknown impact and attack vectors related to "keyboard handling of password inputs." | 9.3 |
2008-04-12 | CVE-2008-1761 | Resource Management Errors vulnerability in Opera Opera before 9.27 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted newsfeed source, which triggers an invalid memory access. | 9.3 |
2003-12-31 | CVE-2003-1561 | Information Disclosure vulnerability in Opera Opera, probably before 7.50, sends Referer headers containing https:// URLs in requests for http:// URLs, which allows remote attackers to obtain potentially sensitive information by reading Referer log data. network opera | 4.3 |