Vulnerabilities > Opera
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2010-05-06 | CVE-2010-1728 | Resource Management Errors vulnerability in Opera Browser Opera before 10.53 on Windows and Mac OS X does not properly handle a series of document modifications that occur asynchronously, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via JavaScript that writes <marquee> sequences in an infinite loop, leading to attempted use of uninitialized memory. | 9.3 |
| 2010-04-12 | CVE-2010-1349 | Numeric Errors vulnerability in Opera Browser 10.10/10.50 Integer overflow in Opera 10.10 through 10.50 allows remote attackers to execute arbitrary code via a large Content-Length value, which triggers a heap overflow. | 10.0 |
| 2010-04-08 | CVE-2010-1310 | Information Exposure vulnerability in Opera Browser 10.50 Opera 10.50 allows remote attackers to obtain sensitive information via crafted XSLT constructs, which cause Opera to return cached contents of other pages. | 5.0 |
| 2010-02-18 | CVE-2010-0653 | Information Exposure vulnerability in Opera Browser Opera before 10.10 permits cross-origin loading of CSS stylesheets even when the stylesheet download has an incorrect MIME type and the stylesheet document is malformed, which allows remote attackers to obtain sensitive information via a crafted document. | 4.3 |
| 2009-11-24 | CVE-2009-4072 | Remote Security vulnerability in Opera Web Browser Unspecified vulnerability in Opera before 10.10 has unknown impact and attack vectors, related to a "moderately severe issue." | 10.0 |
| 2009-11-24 | CVE-2009-4071 | Configuration vulnerability in Opera Browser Opera before 10.10, when exception stacktraces are enabled, places scripting error messages from a web site into variables that can be read by a different web site, which allows remote attackers to obtain sensitive information or conduct cross-site scripting (XSS) attacks via unspecified vectors. | 5.8 |
| 2009-10-30 | CVE-2009-3832 | Open Redirect vulnerability in Opera Browser Opera before 10.01 on Windows does not prevent use of Web fonts in rendering the product's own user interface, which allows remote attackers to spoof the address field via a crafted web site. | 5.8 |
| 2009-10-30 | CVE-2009-3831 | Out-of-bounds Write vulnerability in Opera Browser Opera before 10.01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted domain name. | 9.3 |
| 2009-09-18 | CVE-2009-3269 | Resource Management Errors vulnerability in Opera Browser Opera 9.52 and earlier allows remote attackers to cause a denial of service (CPU consumption) via a series of automatic submissions of a form containing a KEYGEN element, a related issue to CVE-2009-1828. | 5.0 |
| 2009-09-18 | CVE-2009-3266 | Cross-Site Scripting vulnerability in Opera Browser Opera before 10.01 does not properly restrict HTML in a (1) RSS or (2) Atom feed, which allows remote attackers to conduct cross-site scripting (XSS) attacks, and conduct cross-zone scripting attacks involving the Feed Subscription Page to read feeds or create feed subscriptions, via a crafted feed, related to the rendering of the application/rss+xml content type as "scripted content." | 4.3 |