Vulnerabilities > Opera > High

DATE CVE VULNERABILITY TITLE RISK
2012-06-14 CVE-2012-3555 Unspecified vulnerability in Opera Browser
Opera before 11.65 does not ensure that keyboard sequences are associated with a visible window, which makes it easier for user-assisted remote attackers to conduct cross-site scripting (XSS) attacks or execute arbitrary code via a crafted web site, related to a "hidden keyboard navigation" issue.
network
high complexity
opera
7.6
2011-01-31 CVE-2011-0450 Remote Security vulnerability in Opera Web Browser
The downloads manager in Opera before 11.01 on Windows does not properly determine the pathname of the filesystem-viewing application, which allows user-assisted remote attackers to execute arbitrary code via a crafted web site that hosts an executable file.
network
high complexity
opera microsoft
7.6
2009-09-02 CVE-2009-3046 Improper Certificate Validation vulnerability in Opera Browser
Opera before 10.00 does not check all intermediate X.509 certificates for revocation, which makes it easier for remote SSL servers to bypass validation of the certificate chain via a revoked certificate.
network
low complexity
opera CWE-295
7.5
2008-12-19 CVE-2008-5683 Information Exposure vulnerability in Opera Browser
Unspecified vulnerability in Opera before 9.63 allows remote attackers to "reveal random data" via unknown vectors.
network
low complexity
opera CWE-200
7.8
2008-09-27 CVE-2008-4197 Use of Uninitialized Resource vulnerability in Opera Browser
Opera before 9.52 on Windows, Linux, FreeBSD, and Solaris, when processing custom shortcut and menu commands, can produce argument strings that contain uninitialized memory, which might allow user-assisted remote attackers to execute arbitrary code or conduct other attacks via vectors related to activation of a shortcut.
network
low complexity
opera CWE-908
8.8
2008-07-09 CVE-2008-3078 Information Exposure vulnerability in Opera Browser
Opera before 9.51 does not properly manage memory within functions supporting the CANVAS element, which allows remote attackers to read uninitialized memory contents by using JavaScript to read a canvas image.
network
low complexity
opera CWE-200
7.8
2007-12-24 CVE-2007-6524 Information Exposure vulnerability in Opera Browser
Opera before 9.25 allows remote attackers to obtain potentially sensitive memory contents via a crafted bitmap (BMP) file, as demonstrated using a CANVAS element and JavaScript in an HTML document for copying these contents from 9.50 beta, a related issue to CVE-2008-0420.
network
low complexity
opera CWE-200
7.8
2007-12-24 CVE-2007-6523 Resource Management Errors vulnerability in Opera Browser
Algorithmic complexity vulnerability in Opera 9.50 beta and 9.x before 9.25 allows remote attackers to cause a denial of service (CPU consumption) via a crafted bitmap (BMP) file that triggers a large number of calculations and checks.
network
low complexity
opera CWE-399
7.8
2007-10-18 CVE-2007-5540 Improper Input Validation vulnerability in Opera Browser
Unspecified vulnerability in Opera before 9.24 allows remote attackers to overwrite functions on pages from other domains and bypass the same-origin policy via unknown vectors.
network
low complexity
opera CWE-20
7.5
2007-04-25 CVE-2007-2274 Memory Leak vulnerability in Opera Browser 9.2
The BitTorrent implementation in Opera 9.2 allows remote attackers to cause a denial of service (CPU consumption and application crash) via a malformed torrent file.
network
low complexity
opera CWE-401
7.8