Opera Mini for Android allows attackers to bypass intended restrictions on .apk file download/installation via an RTLO (aka Right to Left Override) approach, as demonstrated by misinterpretation of malicious%E2%80%AEtxt.apk as maliciouskpa.txt. This affects 44.1.2254.142553, 44.1.2254.142659, and 44.1.2254.143214.
Max CVSS
9.8
EPSS Score
0.60%
Published
2019-10-29
Updated
2021-07-21
Unspecified vulnerability in Opera Mail before 2016-02-16 on Windows allows user-assisted remote attackers to execute arbitrary code via a crafted e-mail message.
Max CVSS
9.3
EPSS Score
1.27%
Published
2016-06-29
Updated
2016-11-28
Unspecified vulnerability in Opera before 12.15 has unknown impact and attack vectors, related to a "moderately severe issue."
Max CVSS
10.0
EPSS Score
0.19%
Published
2013-04-19
Updated
2013-04-22
Opera before 12.13 allows remote attackers to execute arbitrary code via crafted clipPaths in an SVG document.
Max CVSS
9.3
EPSS Score
91.42%
Published
2013-02-08
Updated
2013-03-08
Opera before 12.13 allows remote attackers to execute arbitrary code via vectors involving DOM events.
Max CVSS
9.3
EPSS Score
5.46%
Published
2013-02-08
Updated
2013-03-08
Opera before 12.12 does not properly allocate memory for GIF images, which allows remote attackers to execute arbitrary code or cause a denial of service (memory overwrite) via a malformed image.
Max CVSS
9.3
EPSS Score
5.86%
Published
2013-01-02
Updated
2013-01-02
Heap-based buffer overflow in Opera before 12.11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a long HTTP response.
Max CVSS
9.3
EPSS Score
3.41%
Published
2013-01-02
Updated
2015-10-08
Opera before 12.10 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a malformed SVG image.
Max CVSS
9.3
EPSS Score
1.03%
Published
2013-01-02
Updated
2013-01-02
Unspecified vulnerability in Opera before 12.01 on Windows and UNIX, and before 11.66 and 12.x before 12.01 on Mac OS X, has unknown impact and attack vectors, related to a "low severity issue."
Max CVSS
10.0
EPSS Score
0.18%
Published
2012-08-06
Updated
2012-08-07
Opera before 11.64 does not properly allocate memory for URL strings, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted string.
Max CVSS
10.0
EPSS Score
10.03%
Published
2012-06-14
Updated
2012-08-14
Unspecified vulnerability in Opera before 12.00 on Mac OS X has unknown impact and attack vectors, related to a "moderate severity issue."
Max CVSS
10.0
EPSS Score
0.19%
Published
2012-06-14
Updated
2012-08-09
Opera before 11.65 does not properly restrict the opening of a pop-up window in response to the first click of a double-click action, which makes it easier for user-assisted remote attackers to conduct cross-site scripting (XSS) attacks or execute arbitrary code via a crafted web site.
Max CVSS
9.3
EPSS Score
0.48%
Published
2012-06-14
Updated
2012-06-15
Opera before 11.60 does not properly handle certificate revocation, which has unspecified impact and remote attack vectors related to "corner cases."
Max CVSS
10.0
EPSS Score
0.99%
Published
2011-12-07
Updated
2012-03-06
Unspecified vulnerability in Opera before 11.60 has unknown impact and attack vectors, related to a "moderately severe issue."
Max CVSS
10.0
EPSS Score
0.18%
Published
2011-12-07
Updated
2012-03-06
Opera before 11.11 does not properly implement FRAMESET elements, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to page unload.
Max CVSS
10.0
EPSS Score
31.57%
Published
2011-07-01
Updated
2012-02-14
Unspecified vulnerability in Opera before 11.50 has unknown impact and attack vectors, related to a "moderately severe issue."
Max CVSS
10.0
EPSS Score
0.31%
Published
2011-07-01
Updated
2011-09-07
Integer truncation error in opera.dll in Opera before 11.01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via an HTML form with a select element that contains a large number of children.
Max CVSS
9.3
EPSS Score
4.86%
Published
2011-01-31
Updated
2018-08-13
Opera before 11.00 on Windows does not properly implement the Insecure Third Party Module warning message, which might make it easier for user-assisted remote attackers to have an unspecified impact via a crafted module.
Max CVSS
9.3
EPSS Score
0.54%
Published
2010-12-22
Updated
2011-01-12
The default configuration of Opera before 11.00 enables WebSockets functionality, which has unspecified impact and remote attack vectors, possibly a related issue to CVE-2010-4508.
Max CVSS
10.0
EPSS Score
0.40%
Published
2010-12-22
Updated
2011-01-22
Unspecified vulnerability in Opera before 11.00 has unknown impact and attack vectors, related to "a high severity issue."
Max CVSS
10.0
EPSS Score
0.38%
Published
2010-12-22
Updated
2011-01-22
Opera before 10.63 does not properly restrict web script in unspecified circumstances involving reloads and redirects, which allows remote attackers to spoof the Address Bar, conduct cross-site scripting (XSS) attacks, and possibly execute arbitrary code by leveraging the ability of a script to interact with a web page from (1) a different domain or (2) a different security context.
Max CVSS
9.3
EPSS Score
2.42%
Published
2010-10-21
Updated
2017-09-19
Heap-based buffer overflow in Opera before 10.61 allows remote attackers to execute arbitrary code or cause a denial of service (application crash or hang) via vectors related to HTML5 canvas painting operations that occur during the application of transformations.
Max CVSS
9.3
EPSS Score
9.48%
Published
2010-08-16
Updated
2017-09-19
Opera before 10.54 on Windows and Mac OS X does not properly enforce permission requirements for widget filesystem access and directory selection, which allows user-assisted remote attackers to create or modify arbitrary files, and consequently execute arbitrary code, via widget File I/O operations.
Max CVSS
9.3
EPSS Score
9.96%
Published
2010-07-08
Updated
2018-10-30
Opera before 10.60 on Windows and Mac OS X does not properly prevent certain double-click operations from running a program located on a web site, which allows user-assisted remote attackers to execute arbitrary code via a crafted web page that bypasses a dialog.
Max CVSS
9.3
EPSS Score
2.29%
Published
2010-07-08
Updated
2021-09-08
Multiple unspecified vulnerabilities in Opera before 10.54 have unknown impact and attack vectors related to (1) "extremely severe," (2) "highly severe," (3) "moderately severe," and (4) "less severe" issues.
Max CVSS
10.0
EPSS Score
0.50%
Published
2010-06-22
Updated
2018-10-30
55 vulnerabilities found
1 2 3
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!