VYPR

Opera Mini

by Opera

CVEs (7)

  • CVE-2016-4075MedApr 21, 2017
    risk 0.40cvss 6.1epss 0.01

    Opera Mini 13 and Opera Stable 36 allow remote attackers to spoof the displayed URL via a crafted HTML document, related to the about:blank URL.

  • CVE-2020-6158MedFeb 21, 2025
    risk 0.31cvss 4.7epss 0.00

    Opera Mini for Android before version 52.2 is vulnerable to an address bar spoofing attack. The vulnerability allows a malicious page to trick the browser into showing an address of a different page. This may allow the malicious page to impersonate another page and trick a user…

  • CVE-2018-16135Dec 26, 2022
    risk 0.00cvss epss 0.01

    The Opera Mini application 47.1.2249.129326 for Android allows remote attackers to spoof the Location Permission dialog via a crafted web site.

  • CVE-2021-23253Jan 11, 2021
    risk 0.00cvss epss 0.01

    Opera Mini for Android below 53.1 displays URL left-aligned in the address field. This allows a malicious attacker to craft a URL with a long domain name, e.g. www.safe.opera.com.attacker.com. With the URL being left-aligned, the user will only see the front part (e.g.…

  • CVE-2019-18624Oct 29, 2019
    risk 0.00cvss epss 0.01

    Opera Mini for Android allows attackers to bypass intended restrictions on .apk file download/installation via an RTLO (aka Right to Left Override) approach, as demonstrated by misinterpretation of malicious%E2%80%AEtxt.apk as maliciouskpa.txt. This affects 44.1.2254.142553,…

  • CVE-2019-13607Jul 18, 2019
    risk 0.00cvss epss 0.01

    The Opera Mini application through 16.0.14 for iOS has a UXSS vulnerability that can be triggered by performing navigation to a javascript: URL.

  • CVE-2012-5180Dec 26, 2012
    risk 0.00cvss epss 0.01

    The Opera Mobile application before 12.1 and Opera Mini application before 7.5 for Android do not properly implement the WebView class, which allows attackers to obtain sensitive information via a crafted application.