cbcvebase.

Opera Browser vulnerabilities

274 known vulnerabilities affecting opera/opera_browser.

Total CVEs
274
CISA KEV
0
Public exploits
26
Exploited in wild
2
Severity breakdown
CRITICAL43HIGH23MEDIUM196LOW12

Vulnerabilities

Page 14 of 14
CVE-2004-1490P4LOWCVSS 2.6≤ 7.542004-12-31
CVE-2004-1490 [LOW] CVE-2004-1490: Opera 7.54 and earlier allows remote attackers to spoof file types in the download dialog via dots a Opera 7.54 and earlier allows remote attackers to spoof file types in the download dialog via dots and non-breaking spaces (ASCII character code 160) in the (1) Content-Disposition or (2) Content-Type headers.
nvd
CVE-2012-4146P4MEDIUMCVSS 4.3≤ 12.00v1.00+101 more2012-08-06
CVE-2012-4146 [MEDIUM] CWE-119 CVE-2012-4146: Opera before 12.01 allows remote attackers to cause a denial of service (application crash) via a cr Opera before 12.01 allows remote attackers to cause a denial of service (application crash) via a crafted web site, as demonstrated by the Lenovo "Shop now" page.
nvd
CVE-2011-2611P4MEDIUMCVSS 4.3≤ 11.50v5.0+76 more2011-07-01
CVE-2011-2611 [MEDIUM] CVE-2011-2611: Unspecified vulnerability in the printing functionality in Opera before 11.50 allows user-assisted r Unspecified vulnerability in the printing functionality in Opera before 11.50 allows user-assisted remote attackers to cause a denial of service (application crash) via a crafted web page.
nvd
CVE-2012-1930P4MEDIUMCVSS 4.6≤ 11.61v5.0+76 more2012-03-28
CVE-2012-1930 [MEDIUM] CWE-264 CVE-2012-1930: Opera before 11.62 on UNIX uses world-readable permissions for temporary files during printing, whic Opera before 11.62 on UNIX uses world-readable permissions for temporary files during printing, which allows local users to obtain sensitive information by reading these files.
nvd
CVE-2012-3562P4MEDIUMCVSS 4.3≤ 11.65v5.0+81 more2012-06-14
CVE-2012-3562 [MEDIUM] CVE-2012-3562: Opera before 12.00 Beta allows user-assisted remote attackers to cause a denial of service (applicat Opera before 12.00 Beta allows user-assisted remote attackers to cause a denial of service (application crash) via a crafted web page that is not properly handled during a reload, as demonstrated by a "multiple origin camera test" page.
nvd
CVE-2004-2083P4LOWCVSS 2.6≥ 7.0, ≤ 7.232004-02-11
CVE-2004-2083 [LOW] CVE-2004-2083: Opera Web Browser 7.0 through 7.23 allows remote attackers to trick users into executing a malicious Opera Web Browser 7.0 through 7.23 allows remote attackers to trick users into executing a malicious file by embedding a CLSID in the file name, which causes the malicious file to appear as a trusted file type, aka "File Download Extension Spoofing."
nvd
CVE-2010-4048P4MEDIUMCVSS 4.3≤ 10.62v5.0+69 more2010-10-21
CVE-2010-4048 [MEDIUM] CWE-20 CVE-2010-4048: Opera before 10.63 allows user-assisted remote web servers to cause a denial of service (application Opera before 10.63 allows user-assisted remote web servers to cause a denial of service (application crash) by sending a redirect during the saving of a file.
nvd
CVE-2010-4583P4LOWCVSS 2.6≤ 11.00v5.0+71 more2010-12-22
CVE-2010-4583 [LOW] CVE-2010-4583: Opera before 11.00, when Opera Turbo is enabled, does not display a page's security indication, whic Opera before 11.00, when Opera Turbo is enabled, does not display a page's security indication, which makes it easier for remote attackers to spoof trusted content via a crafted web site.
nvd
CVE-2006-6955P4MEDIUMCVSS 4.3v5.0v5.02+65 more2007-01-29
CVE-2006-6955 [MEDIUM] CWE-20 CVE-2006-6955: Opera allows remote attackers to cause a denial of service (application crash) via a web page that c Opera allows remote attackers to cause a denial of service (application crash) via a web page that contains a large number of nested marquee tags, a related issue to CVE-2006-2723.
nvd
CVE-2005-2273P4LOWCVSS 2.6≥ 7.00, < 8.012005-07-13
CVE-2005-2273 [LOW] CVE-2005-2273: Opera 7.x and 8 before 8.01 does not clearly associate a Javascript dialog box with the web page tha Opera 7.x and 8 before 8.01 does not clearly associate a Javascript dialog box with the web page that generated it, which allows remote attackers to spoof a dialog box from a trusted site and facilitates phishing attacks, aka the "Dialog Origin Spoofing Vulnerability."
nvd
CVE-2012-3558P4LOWCVSS 2.6≤ 11.64v5.0+80 more2012-06-14
CVE-2012-3558 [LOW] CWE-264 CVE-2012-3558: Opera before 11.65 does not ensure that the address field corresponds to the displayed web page duri Opera before 11.65 does not ensure that the address field corresponds to the displayed web page during unusually timed changes to this field, which makes it easier for user-assisted remote attackers to conduct spoofing attacks via vectors involving navigation, reloads, and redirects.
nvd
CVE-2010-4584P4LOWCVSS 2.6≤ 11.00v5.0+71 more2010-12-22
CVE-2010-4584 [LOW] CWE-310 CVE-2010-4584: Opera before 11.00, when Opera Turbo is used, does not properly present information about problemati Opera before 11.00, when Opera Turbo is used, does not properly present information about problematic X.509 certificates on https web sites, which might make it easier for remote attackers to spoof trusted content via a crafted web site.
nvd
CVE-2011-0685P4LOWCVSS 2.1≤ 11.00v5.0+72 more2011-01-31
CVE-2011-0685 [LOW] CWE-20 CVE-2011-0685: The Delete Private Data feature in Opera before 11.01 does not properly implement the "Clear all ema The Delete Private Data feature in Opera before 11.01 does not properly implement the "Clear all email account passwords" option, which might allow physically proximate attackers to access an e-mail account via an unattended workstation.
nvd
CVE-2004-1615P4LOWCVSS 2.6≤ 7.542004-10-18
CVE-2004-1615 [LOW] CVE-2004-1615: Opera allows remote attackers to cause a denial of service (invalid memory reference and application Opera allows remote attackers to cause a denial of service (invalid memory reference and application crash) via a web page or HTML email that contains a TBODY tag with a large COL SPAN value, as demonstrated by mangleme.
nvd