| CVE-2008-4197 | Hig | 0.58 | 8.8 | 0.05 | | Sep 27, 2008 | Opera before 9.52 on Windows, Linux, FreeBSD, and Solaris, when processing custom shortcut and menu commands, can produce argument strings that contain uninitialized memory, which might allow user-assisted remote attackers to execute arbitrary code or conduct other attacks via vectors related to activation of a shortcut. |
| CVE-2009-3046 | Hig | 0.49 | 7.5 | 0.00 | | Sep 2, 2009 | Opera before 10.00 does not check all intermediate X.509 certificates for revocation, which makes it easier for remote SSL servers to bypass validation of the certificate chain via a revoked certificate. |
| CVE-2015-4000 | Low | 0.35 | 3.7 | 0.94 | | May 21, 2015 | The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the "Logjam" issue. |
| CVE-2012-6470 | | 0.06 | — | 0.31 | | Jan 2, 2013 | Opera before 12.12 does not properly allocate memory for GIF images, which allows remote attackers to execute arbitrary code or cause a denial of service (memory overwrite) via a malformed image. |
| CVE-2010-1349 | | 0.06 | — | 0.42 | | Apr 12, 2010 | Integer overflow in Opera 10.10 through 10.50 allows remote attackers to execute arbitrary code via a large Content-Length value, which triggers a heap overflow. |
| CVE-2013-1638 | | 0.05 | — | 0.25 | | Feb 8, 2013 | Opera before 12.13 allows remote attackers to execute arbitrary code via crafted clipPaths in an SVG document. |
| CVE-2008-5680 | | 0.05 | — | 0.20 | | Dec 19, 2008 | Multiple buffer overflows in Opera before 9.63 might allow (1) remote attackers to execute arbitrary code via a crafted text area, or allow (2) user-assisted remote attackers to execute arbitrary code via a long host name in a file: URL. NOTE: this might overlap CVE-2008-5178. |
| CVE-2008-1762 | | 0.05 | — | 0.25 | | Apr 12, 2008 | Opera before 9.27 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted scaled image pattern in an HTML CANVAS element, which triggers memory corruption. |
| CVE-2004-1491 | | 0.05 | — | 0.26 | | Dec 31, 2004 | Opera 7.54 and earlier uses kfmclient exec to handle unknown MIME types, which allows remote attackers to execute arbitrary code via a shortcut or launcher that contains an Exec entry. |
| CVE-2011-2628 | | 0.04 | — | 0.12 | | Jul 1, 2011 | Opera before 11.11 does not properly implement FRAMESET elements, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to page unload. |
| CVE-2009-1234 | | 0.04 | — | 0.16 | | Apr 2, 2009 | Opera 9.64 allows remote attackers to cause a denial of service (application crash) via an XML document containing a long series of start-tags with no corresponding end-tags. NOTE: it was later reported that 9.52 is also affected. |
| CVE-2008-4725 | | 0.04 | — | 0.14 | | Oct 23, 2008 | Cross-site scripting (XSS) vulnerability in Opera.dll in Opera 9.52 allows remote attackers to inject arbitrary web script or HTML via the query string, which is not properly escaped before storage in the History Search database (aka md.dat), a different vector than CVE-2008-4696. NOTE: some of these issues were addressed before 9.60. |
| CVE-2008-4694 | | 0.04 | — | 0.17 | | Oct 23, 2008 | Unspecified vulnerability in Opera before 9.60 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a redirect that specifies a crafted URL. |
| CVE-2007-2274 | | 0.04 | — | 0.07 | | Apr 25, 2007 | The BitTorrent implementation in Opera 9.2 allows remote attackers to cause a denial of service (CPU consumption and application crash) via a malformed torrent file. NOTE: the original disclosure refers to this as a memory leak, but it is not certain. |
| CVE-2007-1563 | | 0.04 | — | 0.10 | | Mar 21, 2007 | The FTP protocol implementation in Opera 9.10 allows remote attackers to allows remote servers to force the client to connect to other servers, perform a proxied port scan, or obtain sensitive information by specifying an alternate server address in an FTP PASV response. |
| CVE-2007-1377 | | 0.04 | — | 0.17 | | Mar 10, 2007 | AcroPDF.DLL in Adobe Reader 8.0, when accessed from Mozilla Firefox, Netscape, or Opera, allows remote attackers to cause a denial of service (unspecified resource consumption) via a .pdf URL with an anchor identifier that begins with search= followed by many %n sequences, a different vulnerability than CVE-2006-6027 and CVE-2006-6236. |
| CVE-2007-0126 | | 0.04 | — | 0.15 | | Jan 9, 2007 | Heap-based buffer overflow in Opera 9.02 allows remote attackers to execute arbitrary code via a JPEG file with an invalid number of index bytes in the Define Huffman Table (DHT) marker. |
| CVE-2006-3353 | | 0.04 | — | 0.11 | | Jul 6, 2006 | Opera 9 allows remote attackers to cause a denial of service (crash) via a crafted web page that triggers an out-of-bounds memory access, related to an iframe and JavaScript that accesses certain style sheets properties. |
| CVE-2006-3199 | | 0.04 | — | 0.19 | | Jun 23, 2006 | Opera 9 allows remote attackers to cause a denial of service (crash) via an A tag with an href attribute with a URL containing a long hostname, which triggers an out-of-bounds operation. |
| CVE-2006-1834 | | 0.04 | — | 0.16 | | Apr 19, 2006 | Integer signedness error in Opera before 8.54 allows remote attackers to execute arbitrary code via long values in a stylesheet attribute, which pass a length check. NOTE: a sign extension problem makes the attack easier with shorter strings. |
