Approved changes feed: RSS · Atom

cpe:2.3:a:opera:opera:5.1:*:*:*:*:*:*:*

part: a version: 5.1 update: *

VendorOpera (59f0a105-cac9-5c1f-b0fb-85549d53b66c)
ProductOpera (04934513-2c84-5dd7-999a-3f3bfba8c6c5)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2009-2068 vulnerable 2026-06-08 04:51:26.554388 Details available
Google Chrome detects http content in https web pages only when the top-level frame uses https, which allows man-in-the-middle attackers to execute arbitrary web script, in an https site's context, by modifying an http page to include an https iframe that references a script file on an http site, related to "HTTP-Intended-but-HTTPS-Loadable (HPIHSL) pages."
Published: 2009-06-15T19:00:00.000Z
Updated: 2024-08-07T05:36:20.994Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2008-5679 vulnerable 2026-06-08 04:50:52.302273 Details available
The HTML parsing engine in Opera before 9.63 allows remote attackers to execute arbitrary code via crafted web pages that trigger an invalid pointer calculation and heap corruption.
Published: 2008-12-19T16:09:00.000Z
Updated: 2024-08-07T11:04:44.051Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2008-4795 vulnerable 2026-06-08 04:50:48.191956 Details available
The links panel in Opera before 9.62 processes Javascript within the context of the "outermost page" of a frame, which allows remote attackers to inject arbitrary web script or HTML via cross-site scripting (XSS) attacks.
Published: 2008-10-30T20:49:00.000Z
Updated: 2024-08-07T10:31:27.863Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2008-4794 vulnerable 2026-06-08 04:50:48.189899 Details available
Opera before 9.62 allows remote attackers to execute arbitrary commands via the History Search results page, a different vulnerability than CVE-2008-4696.
Published: 2008-10-30T20:49:00.000Z
Updated: 2024-08-07T10:31:27.365Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2008-4696 vulnerable 2026-06-08 04:50:47.900550 Details available
Cross-site scripting (XSS) vulnerability in Opera.dll in Opera before 9.61 allows remote attackers to inject arbitrary web script or HTML via the anchor identifier (aka the "optional fragment"), which is not properly escaped before storage in the History Search database (aka md.dat).
Published: 2008-10-23T21:00:00.000Z
Updated: 2024-08-07T10:24:20.696Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2008-4293 vulnerable 2026-06-08 04:50:38.458108 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2008-1764 vulnerable 2026-06-08 04:50:21.764289 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.