Opera Browser
by Opera
CVEs (280)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2008-7297 | 0.00 | — | 0.01 | Aug 9, 2011 | Opera cannot properly restrict modifications to cookies established in HTTPS sessions, which allows man-in-the-middle attackers to overwrite or delete arbitrary cookies via a Set-Cookie header in an HTTP response, related to lack of the HTTP Strict Transport Security (HSTS)… | |||
| CVE-2011-2640 | 0.00 | — | 0.02 | Jul 1, 2011 | Opera before 11.10 allows remote attackers to cause a denial of service (application crash) via an HTML document that has an empty parameter value for an embedded Java applet. | |||
| CVE-2011-2639 | 0.00 | — | 0.02 | Jul 1, 2011 | Opera before 11.10 does not properly handle hidden animated GIF images, which allows remote attackers to cause a denial of service (CPU consumption) via an image file that triggers continual repaints. | |||
| CVE-2011-2638 | 0.00 | — | 0.02 | Jul 1, 2011 | Unspecified vulnerability in Opera before 11.10 allows remote attackers to cause a denial of service (application crash) via unknown content on a web page, as demonstrated by games on zylom.com. | |||
| CVE-2011-2637 | 0.00 | — | 0.02 | Jul 1, 2011 | Unspecified vulnerability in Opera before 11.10 allows remote attackers to cause a denial of service (application crash) via unknown content on a web page, as demonstrated by futura-sciences.com, seoptimise.com, and mitosyfraudes.org. | |||
| CVE-2011-2636 | 0.00 | — | 0.02 | Jul 1, 2011 | Unspecified vulnerability in Opera before 11.10 allows remote attackers to cause a denial of service (application crash) via unknown content on a web page, as demonstrated by a certain Tomato Firmware page. | |||
| CVE-2011-2635 | 0.00 | — | 0.02 | Jul 1, 2011 | The Cascading Style Sheets (CSS) implementation in Opera before 11.10 allows remote attackers to cause a denial of service (application crash) via vectors involving use of the :hover pseudo-class, in conjunction with transforms, for a floated element. | |||
| CVE-2011-2634 | 0.00 | — | 0.02 | Jul 1, 2011 | Opera before 11.10 allows remote attackers to hijack (1) searches and (2) customizations via unspecified third party applications. | |||
| CVE-2011-2633 | 0.00 | — | 0.01 | Jul 1, 2011 | Unspecified vulnerability in Opera before 11.11 allows remote attackers to cause a denial of service (application crash) via vectors involving a Certificate Revocation List (CRL) file, as demonstrated by the multicert-ca-02.crl file. | |||
| CVE-2011-2632 | 0.00 | — | 0.02 | Jul 1, 2011 | Opera before 11.11 does not properly handle destruction of a Silverlight instance, which allows remote attackers to cause a denial of service (application crash) via a web page, as demonstrated by vod.onet.pl. | |||
| CVE-2011-2631 | 0.00 | — | 0.02 | Jul 1, 2011 | The Cascading Style Sheets (CSS) implementation in Opera before 11.11 does not properly handle the column-count property, which allows remote attackers to cause a denial of service (infinite repaint loop and application hang) via a web page, as demonstrated by an unspecified… | |||
| CVE-2011-2630 | 0.00 | — | 0.01 | Jul 1, 2011 | Opera before 11.11 allows user-assisted remote attackers to cause a denial of service (application crash) via a crafted web page that is not properly handled during a reload occurring after the opening of a popup of the Easy Sticky Note extension. | |||
| CVE-2011-2629 | 0.00 | — | 0.02 | Jul 1, 2011 | Unspecified vulnerability in Opera before 11.11 allows remote attackers to cause a denial of service (application crash) via unknown content on a web page, as demonstrated by www.falk.de. | |||
| CVE-2011-2627 | 0.00 | — | 0.02 | Jul 1, 2011 | Unspecified vulnerability in the DOM implementation in Opera before 11.50 allows remote attackers to cause a denial of service (application crash) via unknown content on a web page, as demonstrated by live.com. | |||
| CVE-2011-2626 | 0.00 | — | 0.02 | Jul 1, 2011 | Opera before 11.50 allows remote attackers to cause a denial of service (application crash) by using "injected script" to set the SRC attribute of an IFRAME element. | |||
| CVE-2011-2625 | 0.00 | — | 0.02 | Jul 1, 2011 | Opera before 11.50 allows remote attackers to cause a denial of service (application crash) via a SELECT element that contains many OPTION elements. | |||
| CVE-2011-2624 | 0.00 | — | 0.02 | Jul 1, 2011 | Opera before 11.50 allows user-assisted remote attackers to cause a denial of service (application hang) via a large table, which is not properly handled during a print preview. | |||
| CVE-2011-2623 | 0.00 | — | 0.02 | Jul 1, 2011 | Unspecified vulnerability in the SVG BiDi implementation in Opera before 11.50 allows remote attackers to cause a denial of service (application crash or hang) via unknown vectors. | |||
| CVE-2011-2622 | 0.00 | — | 0.02 | Jul 1, 2011 | Unspecified vulnerability in the Web Workers implementation in Opera before 11.50 allows remote attackers to cause a denial of service (application crash) via unknown vectors. | |||
| CVE-2011-2621 | 0.00 | — | 0.02 | Jul 1, 2011 | Unspecified vulnerability in Opera before 11.50 allows remote attackers to cause a denial of service (application crash) via vectors related to form layout. |
- CVE-2008-7297Aug 9, 2011risk 0.00cvss —epss 0.01
Opera cannot properly restrict modifications to cookies established in HTTPS sessions, which allows man-in-the-middle attackers to overwrite or delete arbitrary cookies via a Set-Cookie header in an HTTP response, related to lack of the HTTP Strict Transport Security (HSTS)…
- CVE-2011-2640Jul 1, 2011risk 0.00cvss —epss 0.02
Opera before 11.10 allows remote attackers to cause a denial of service (application crash) via an HTML document that has an empty parameter value for an embedded Java applet.
- CVE-2011-2639Jul 1, 2011risk 0.00cvss —epss 0.02
Opera before 11.10 does not properly handle hidden animated GIF images, which allows remote attackers to cause a denial of service (CPU consumption) via an image file that triggers continual repaints.
- CVE-2011-2638Jul 1, 2011risk 0.00cvss —epss 0.02
Unspecified vulnerability in Opera before 11.10 allows remote attackers to cause a denial of service (application crash) via unknown content on a web page, as demonstrated by games on zylom.com.
- CVE-2011-2637Jul 1, 2011risk 0.00cvss —epss 0.02
Unspecified vulnerability in Opera before 11.10 allows remote attackers to cause a denial of service (application crash) via unknown content on a web page, as demonstrated by futura-sciences.com, seoptimise.com, and mitosyfraudes.org.
- CVE-2011-2636Jul 1, 2011risk 0.00cvss —epss 0.02
Unspecified vulnerability in Opera before 11.10 allows remote attackers to cause a denial of service (application crash) via unknown content on a web page, as demonstrated by a certain Tomato Firmware page.
- CVE-2011-2635Jul 1, 2011risk 0.00cvss —epss 0.02
The Cascading Style Sheets (CSS) implementation in Opera before 11.10 allows remote attackers to cause a denial of service (application crash) via vectors involving use of the :hover pseudo-class, in conjunction with transforms, for a floated element.
- CVE-2011-2634Jul 1, 2011risk 0.00cvss —epss 0.02
Opera before 11.10 allows remote attackers to hijack (1) searches and (2) customizations via unspecified third party applications.
- CVE-2011-2633Jul 1, 2011risk 0.00cvss —epss 0.01
Unspecified vulnerability in Opera before 11.11 allows remote attackers to cause a denial of service (application crash) via vectors involving a Certificate Revocation List (CRL) file, as demonstrated by the multicert-ca-02.crl file.
- CVE-2011-2632Jul 1, 2011risk 0.00cvss —epss 0.02
Opera before 11.11 does not properly handle destruction of a Silverlight instance, which allows remote attackers to cause a denial of service (application crash) via a web page, as demonstrated by vod.onet.pl.
- CVE-2011-2631Jul 1, 2011risk 0.00cvss —epss 0.02
The Cascading Style Sheets (CSS) implementation in Opera before 11.11 does not properly handle the column-count property, which allows remote attackers to cause a denial of service (infinite repaint loop and application hang) via a web page, as demonstrated by an unspecified…
- CVE-2011-2630Jul 1, 2011risk 0.00cvss —epss 0.01
Opera before 11.11 allows user-assisted remote attackers to cause a denial of service (application crash) via a crafted web page that is not properly handled during a reload occurring after the opening of a popup of the Easy Sticky Note extension.
- CVE-2011-2629Jul 1, 2011risk 0.00cvss —epss 0.02
Unspecified vulnerability in Opera before 11.11 allows remote attackers to cause a denial of service (application crash) via unknown content on a web page, as demonstrated by www.falk.de.
- CVE-2011-2627Jul 1, 2011risk 0.00cvss —epss 0.02
Unspecified vulnerability in the DOM implementation in Opera before 11.50 allows remote attackers to cause a denial of service (application crash) via unknown content on a web page, as demonstrated by live.com.
- CVE-2011-2626Jul 1, 2011risk 0.00cvss —epss 0.02
Opera before 11.50 allows remote attackers to cause a denial of service (application crash) by using "injected script" to set the SRC attribute of an IFRAME element.
- CVE-2011-2625Jul 1, 2011risk 0.00cvss —epss 0.02
Opera before 11.50 allows remote attackers to cause a denial of service (application crash) via a SELECT element that contains many OPTION elements.
- CVE-2011-2624Jul 1, 2011risk 0.00cvss —epss 0.02
Opera before 11.50 allows user-assisted remote attackers to cause a denial of service (application hang) via a large table, which is not properly handled during a print preview.
- CVE-2011-2623Jul 1, 2011risk 0.00cvss —epss 0.02
Unspecified vulnerability in the SVG BiDi implementation in Opera before 11.50 allows remote attackers to cause a denial of service (application crash or hang) via unknown vectors.
- CVE-2011-2622Jul 1, 2011risk 0.00cvss —epss 0.02
Unspecified vulnerability in the Web Workers implementation in Opera before 11.50 allows remote attackers to cause a denial of service (application crash) via unknown vectors.
- CVE-2011-2621Jul 1, 2011risk 0.00cvss —epss 0.02
Unspecified vulnerability in Opera before 11.50 allows remote attackers to cause a denial of service (application crash) via vectors related to form layout.
Page 6 of 14