Opera

This hub aggregates every CVE we track for Opera, a product in the consumer software space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 15 most recently published vulnerabilities affecting Opera.

• BDU:2025-14082Уязвимость механизма рендеринга Blink браузеров на основе Chromium, позволяющая нарушителю вызвать отказ в обслуживании8.8Nov 13, 2025
• BDU:2025-13227Уязвимость механизмов рендеринга Blink и WebKit браузеров на основе Chromium и Safari, позволяющая нарушителю вызвать отказ в обслуживании браузера5.4Oct 22, 2025
• CVE-2020-6159URLs using “javascript:” have the protocol removed when pasted into the address bar to protect users from cross-site scripting (XSS) attacks, but in certain circumstances this removal was not p...6.1Dec 23, 2020
• CVE-2019-12278Opera through 53 on Android allows Address Bar Spoofing. Characters from several languages are displayed in Right-to-Left order, due to mishandling of several Unicode characters. The rendering mech...4.3Mar 12, 2020
• CVE-2019-19788Opera for Android before 54.0.2669.49432 is vulnerable to a sandboxed cross-origin iframe bypass attack. By using a service working inside a sandboxed iframe it is possible to bypass the normal san...5.5Dec 18, 2019
• CVE-2016-7152The HTTPS protocol does not consider the role of the TCP congestion window in providing information about content length, which makes it easier for remote attackers to obtain cleartext data by leve...5.3Sep 6, 2016
• BDU:2015-00657Уязвимость программного обеспечения Opera, позволяющая удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации7.5Jul 6, 2016
• BDU:2015-00656Уязвимость программного обеспечения Opera, позволяющая удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации7.5Jul 6, 2016
• BDU:2015-00655Уязвимость программного обеспечения Opera, позволяющая удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации10.0Jul 6, 2016
• BDU:2015-00654Уязвимость программного обеспечения Opera, позволяющая удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации10.0Jul 6, 2016
• CVE-2010-5227Untrusted search path vulnerability in Opera before 10.62 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory t...6.9Sep 7, 2012
• CVE-2012-3556Opera before 11.65 does not properly restrict the opening of a pop-up window in response to the first click of a double-click action, which makes it easier for user-assisted remote attackers to con...9.3Jun 14, 2012
• CVE-2009-2068Google Chrome detects http content in https web pages only when the top-level frame uses https, which allows man-in-the-middle attackers to execute arbitrary web script, in an https site's context,...5.8Jun 15, 2009
• CVE-2008-5679The HTML parsing engine in Opera before 9.63 allows remote attackers to execute arbitrary code via crafted web pages that trigger an invalid pointer calculation and heap corruption.9.3Dec 19, 2008
• CVE-2008-5428Opera 9.51 on Windows XP does not properly handle (1) multipart/mixed e-mail messages with many MIME parts and possibly (2) e-mail messages with many "Content-type: message/rfc822;" headers, which ...4.3Dec 11, 2008