Opera Browser

Opera before 12.15 does not properly block top-level domains in Set-Cookie headers, which allows remote attackers to obtain sensitive information by leveraging control of a different web site in the same top-level domain.

Published: 2013-04-19T10:00:00.000Z
Updated: 2024-09-16T23:15:57.128Z

Opera before 11.60 allows remote attackers to cause a denial of service (CPU and memory consumption) via unspecified content on a web page, as demonstrated by a page under the cisco.com home page.

Published: 2011-12-07T19:00:00.000Z
Updated: 2024-09-16T21:08:01.131Z

Unspecified vulnerability in the Web Workers implementation in Opera before 11.60 allows remote attackers to cause a denial of service (application crash) via unknown vectors.

Published: 2011-12-07T19:00:00.000Z
Updated: 2024-09-16T19:19:27.723Z

Dragonfly in Opera before 11.60 allows remote attackers to cause a denial of service (application crash) via unspecified content on a web page, as demonstrated by forbes.com.

Published: 2011-12-07T19:00:00.000Z
Updated: 2024-09-16T21:02:49.971Z

Opera before 11.60 does not properly handle certificate revocation, which has unspecified impact and remote attack vectors related to "corner cases."

Published: 2011-12-07T19:00:00.000Z
Updated: 2024-09-17T02:47:08.725Z

Unspecified vulnerability in Opera before 11.60 has unknown impact and attack vectors, related to a "moderately severe issue."

Published: 2011-12-07T19:00:00.000Z
Updated: 2024-09-17T02:47:42.740Z

The JavaScript engine in Opera before 11.60 does not properly implement the in operator, which allows remote attackers to bypass the Same Origin Policy via vectors related to variables on different web sites.

Published: 2011-12-07T19:00:00.000Z
Updated: 2024-09-17T00:51:49.085Z

Opera before 11.60 does not properly consider the number of . (dot) characters that conventionally exist in domain names of different top-level domains, which allows remote attackers to bypass the Same Origin Policy by leveraging access to a different domain name in the same top-level domain, as demonstrated by the .no or .uk domain.

Published: 2011-12-07T19:00:00.000Z
Updated: 2024-09-16T17:57:48.770Z

Opera before 11.51 allows remote attackers to cause an insecure site to appear secure or trusted via unspecified actions related to Extended Validation and loading content from trusted sources in an unspecified sequence that causes the address field and page information dialog to contain security information based on the trusted site, instead of the insecure site.

Published: 2011-09-06T19:00:00.000Z
Updated: 2024-08-06T23:29:56.929Z

Unspecified vulnerability in the DOM implementation in Opera before 11.50 allows remote attackers to cause a denial of service (application crash) via unknown content on a web page, as demonstrated by live.com.

Published: 2011-07-01T10:00:00.000Z
Updated: 2024-09-17T02:01:32.023Z

Opera before 11.50 allows remote attackers to cause a denial of service (application crash) by using "injected script" to set the SRC attribute of an IFRAME element.

Published: 2011-07-01T10:00:00.000Z
Updated: 2024-09-17T01:55:54.152Z

Opera before 11.50 allows remote attackers to cause a denial of service (application crash) via a SELECT element that contains many OPTION elements.

Published: 2011-07-01T10:00:00.000Z
Updated: 2024-09-16T23:31:35.623Z

Opera before 11.50 allows user-assisted remote attackers to cause a denial of service (application hang) via a large table, which is not properly handled during a print preview.

Published: 2011-07-01T10:00:00.000Z
Updated: 2024-09-17T02:36:28.302Z

Unspecified vulnerability in the SVG BiDi implementation in Opera before 11.50 allows remote attackers to cause a denial of service (application crash or hang) via unknown vectors.

Published: 2011-07-01T10:00:00.000Z
Updated: 2024-09-16T19:41:33.116Z

Unspecified vulnerability in the Web Workers implementation in Opera before 11.50 allows remote attackers to cause a denial of service (application crash) via unknown vectors.

Published: 2011-07-01T10:00:00.000Z
Updated: 2024-09-17T01:25:38.188Z

Unspecified vulnerability in Opera before 11.50 allows remote attackers to cause a denial of service (application crash) via vectors related to form layout.

Published: 2011-07-01T10:00:00.000Z
Updated: 2024-09-17T01:56:04.298Z

Unspecified vulnerability in Opera before 11.50 allows remote attackers to cause a denial of service (application crash) via vectors involving SVG animation.

Published: 2011-07-01T10:00:00.000Z
Updated: 2024-09-16T19:26:01.395Z

Opera before 11.50 allows remote attackers to cause a denial of service (application crash) via a gradient with many stops, related to the implementation of CANVAS elements, SVG, and Cascading Style Sheets (CSS).

Published: 2011-07-01T10:00:00.000Z
Updated: 2024-09-16T19:37:01.387Z

Opera before 11.50 allows remote attackers to cause a denial of service (application crash) via web script that moves a (1) AUDIO element or (2) VIDEO element between windows.

Published: 2011-07-01T10:00:00.000Z
Updated: 2024-09-16T16:13:53.264Z

Unspecified vulnerability in Opera before 11.50 allows remote attackers to cause a denial of service (application crash) via vectors related to selecting a text node, and closed pop-up windows, removed pop-up windows, and IFRAME elements.

Published: 2011-07-01T10:00:00.000Z
Updated: 2024-09-16T20:57:48.170Z

Unspecified vulnerability in Opera before 11.50 allows remote attackers to cause a denial of service (memory consumption) via unknown content on a web page, as demonstrated by test262.ecmascript.org.

Published: 2011-07-01T10:00:00.000Z
Updated: 2024-09-16T17:27:39.714Z

Unspecified vulnerability in Opera before 11.50 allows remote attackers to cause a denial of service (application hang) via unknown content on a web page, as demonstrated by domiteca.com.

Published: 2011-07-01T10:00:00.000Z
Updated: 2024-09-16T19:24:44.700Z

The SVG implementation in Opera before 11.50 allows remote attackers to cause a denial of service (application crash) via vectors involving a path on which many characters are drawn.

Published: 2011-07-01T10:00:00.000Z
Updated: 2024-09-16T19:24:31.806Z

The Array.prototype.join method in Opera before 11.50 allows remote attackers to cause a denial of service (application crash) via a non-array object that contains initial holes.

Published: 2011-07-01T10:00:00.000Z
Updated: 2024-09-17T00:11:50.791Z

Unspecified vulnerability in Opera before 11.50 allows remote attackers to cause a denial of service (application crash) via unknown content on a web page, as demonstrated by progorod.ru.

Published: 2011-07-01T10:00:00.000Z
Updated: 2024-09-17T04:03:37.195Z

Unspecified vulnerability in the printing functionality in Opera before 11.50 allows user-assisted remote attackers to cause a denial of service (application crash) via a crafted web page.

Published: 2011-07-01T10:00:00.000Z
Updated: 2024-09-17T03:07:45.642Z

Unspecified vulnerability in Opera before 11.50 has unknown impact and attack vectors, related to a "moderately severe issue."

Published: 2011-07-01T10:00:00.000Z
Updated: 2024-08-06T23:08:23.416Z

Opera before 11.50 does not properly restrict data: URIs, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web site.

Published: 2011-07-01T10:00:00.000Z
Updated: 2024-08-06T23:08:23.364Z

Opera before 11.50 allows remote attackers to cause a denial of service (disk consumption) via invalid URLs that trigger creation of error pages.

Published: 2011-07-01T10:00:00.000Z
Updated: 2024-08-06T22:21:34.577Z