CVE Tools

opera software

Consumer SoftwareNOcommercial

12

Cumulative CVEs

7

Monthly snapshots

#17

Peak rank

Top products

opera web browser3 opera1

Latest CVEs

The 15 most recently published vulnerabilities affecting opera software.

CVE-2002-2414Opera 6.0.3, when using Squid 2.4 for HTTPS proxying, does not properly handle when accepting a non-global certificate authority (CA) certificate from a site and establishing a subsequent HTTPS con...4.3Nov 1, 2007
CVE-2002-2358Cross-site scripting (XSS) vulnerability in the FTP view feature in Opera 6.0 and 6.01 through 6.04 allows remote attackers to inject arbitrary web script or HTML via the title tag of an FTP URL.4.3Oct 29, 2007
CVE-2002-2312Opera 6.0.1 allows remote attackers to upload arbitrary file contents when users press a key corresponding to the JavaScript (1) event.ctrlKey or (2) event.shiftKey onkeydown event contained in a w...5.8Oct 26, 2007
CVE-2002-2311Microsoft Internet Explorer 6.0 and possibly others allows remote attackers to upload arbitrary file contents when users press a key corresponding to the JavaScript (1) event.ctrlKey or (2) event.s...6.4Oct 26, 2007
CVE-2002-2332Buffer overflow in Opera 6.01 allows remote attackers to cause a denial of service (crash) via an IMG tag with large width and height attributes.5.0Oct 26, 2007
CVE-2001-1491Opera 5.11 allows remote attackers to cause a denial of service (CPU consumption and memory leak) via a web page with a large number of images.5.0Jun 21, 2005
CVE-2005-0233The International Domain Name (IDN) support in Firefox 1.0, Camino .8.5, and Mozilla before 1.7.6 allows remote attackers to spoof domain names using punycode encoded domain names that are decoded ...7.5Feb 7, 2005
CVE-2002-1091Netscape 6.2.3 and earlier, and Mozilla 1.0.1, allow remote attackers to corrupt heap memory and execute arbitrary code via a GIF image with a zero width.7.5Sep 1, 2004
CVE-2002-0898Opera 6.0.1 and 6.0.2 allows a remote web site to upload arbitrary files from the client system, without prompting the client, via an input type=file tag whose value contains a newline.5.0Apr 2, 2003
CVE-2002-0783Opera 6.01, 6.0, and 5.12 allows remote attackers to execute arbitrary JavaScript in the security context of other sites by setting the location of a frame or iframe to a Javascript: URL.7.5Jul 26, 2002
CVE-2002-0270Opera, when configured with the "Determine action by MIME type" option disabled, interprets an object as an HTML document even when its MIME Content-Type is text/plain, which could allow remote att...4.3May 3, 2002
CVE-2002-0243Cross-site scripting vulnerability in Opera 6.0 and earlier allows remote attackers to execute arbitrary script via an Extended HTML Form, whose output from the remote server is not properly cleansed.7.5May 3, 2002
CVE-2001-1245Opera 5.0 for Linux does not properly handle malformed HTTP headers, which allows remote attackers to cause a denial of service, possibly with a header whose value is the same as a MIME header name.5.0May 3, 2002
CVE-2001-0898Opera 6.0 and earlier allows remote attackers to access sensitive information such as cookies and links for other domains via Javascript that uses setTimeout to (1) access data after a new window t...5.0Feb 2, 2002
CVE-1999-1283Opera 3.2.1 allows remote attackers to cause a denial of service (application crash) via a URL that contains an extra / in the http:// tag.5.0Sep 12, 2001