Vulnerabilities > Opera > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-26 | CVE-2018-16135 | Unspecified vulnerability in Opera Mini 47.1.2249.129326 The Opera Mini application 47.1.2249.129326 for Android allows remote attackers to spoof the Location Permission dialog via a crafted web site. | 6.5 |
| 2021-01-11 | CVE-2021-23253 | Unspecified vulnerability in Opera Mini Opera Mini for Android below 53.1 displays URL left-aligned in the address field. | 5.3 |
| 2020-12-23 | CVE-2020-6159 | Cross-site Scripting vulnerability in Opera 52.1.2517.139570/54.0.2669.49432 URLs using “javascript:” have the protocol removed when pasted into the address bar to protect users from cross-site scripting (XSS) attacks, but in certain circumstances this removal was not performed. | 6.1 |
| 2020-11-13 | CVE-2020-6157 | Unspecified vulnerability in Opera Touch Opera Touch for iOS before version 2.4.5 is vulnerable to an address bar spoofing attack. | 4.3 |
| 2020-03-12 | CVE-2019-12278 | Unspecified vulnerability in Opera 52.1.2517.139570 Opera through 53 on Android allows Address Bar Spoofing. | 4.3 |
| 2019-12-18 | CVE-2019-19788 | Unspecified vulnerability in Opera 52.1.2517.139570 Opera for Android before 54.0.2669.49432 is vulnerable to a sandboxed cross-origin iframe bypass attack. | 5.5 |
| 2019-07-18 | CVE-2019-13607 | Cross-site Scripting vulnerability in Opera Mini 16.0.14 The Opera Mini application through 16.0.14 for iOS has a UXSS vulnerability that can be triggered by performing navigation to a javascript: URL. | 6.1 |
| 2018-03-28 | CVE-2018-6608 | Information Exposure vulnerability in Opera Browser 51.0.2830.55 In the WebRTC component in Opera 51.0.2830.55, after visiting a web site that attempts to gather complete client information (such as https://ip.voidsec.com), the browser can disclose a private IP address in a STUN request. | 4.3 |
| 2017-04-21 | CVE-2016-4075 | Open Redirect vulnerability in Opera Browser and Opera Mini Opera Mini 13 and Opera Stable 36 allow remote attackers to spoof the displayed URL via a crafted HTML document, related to the about:blank URL. | 6.1 |
| 2017-01-26 | CVE-2016-6908 | Open Redirect vulnerability in Opera Browser 37.0.2192.105088 Characters from languages are such as Arabic, Hebrew are displayed from RTL (Right To Left) order in Opera 37.0.2192.105088 for Android, due to mishandling of several unicode characters such as U+FE70, U+0622, U+0623 etc and how they are rendered combined with (first strong character) such as an IP address or alphabet could lead to a spoofed URL. | 6.1 |