Opera : Security Vulnerabilities, CVEs, (Overflow)
Opera before 12.12 does not properly allocate memory for GIF images, which allows remote attackers to execute arbitrary code or cause a denial of service (memory overwrite) via a malformed image.
Max CVSS
9.3
EPSS Score
5.86%
Published
2013-01-02
Updated
2013-01-02
Heap-based buffer overflow in Opera before 12.11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a long HTTP response.
Max CVSS
9.3
EPSS Score
3.41%
Published
2013-01-02
Updated
2015-10-08
Opera before 12.01 allows remote attackers to cause a denial of service (application crash) via a crafted web site, as demonstrated by the Lenovo "Shop now" page.
Max CVSS
4.3
EPSS Score
0.29%
Published
2012-08-06
Updated
2012-08-07
Opera before 11.64 does not properly allocate memory for URL strings, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted string.
Max CVSS
10.0
EPSS Score
10.03%
Published
2012-06-14
Updated
2012-08-14
Integer truncation error in opera.dll in Opera before 11.01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via an HTML form with a select element that contains a large number of children.
Max CVSS
9.3
EPSS Score
4.86%
Published
2011-01-31
Updated
2018-08-13
Opera before 10.63 allows remote attackers to cause a denial of service (memory corruption) by referencing an SVG document in an IMG element.
Max CVSS
4.3
EPSS Score
0.74%
Published
2010-10-21
Updated
2017-09-19
Heap-based buffer overflow in Opera before 10.61 allows remote attackers to execute arbitrary code or cause a denial of service (application crash or hang) via vectors related to HTML5 canvas painting operations that occur during the application of transformations.
Max CVSS
9.3
EPSS Score
9.48%
Published
2010-08-16
Updated
2017-09-19
Integer overflow in Opera 10.10 through 10.50 allows remote attackers to execute arbitrary code via a large Content-Length value, which triggers a heap overflow.
Max CVSS
10.0
EPSS Score
92.31%
Published
2010-04-12
Updated
2017-08-17
Multiple buffer overflows in Opera before 9.63 might allow (1) remote attackers to execute arbitrary code via a crafted text area, or allow (2) user-assisted remote attackers to execute arbitrary code via a long host name in a file: URL. NOTE: this might overlap CVE-2008-5178.
Max CVSS
9.3
EPSS Score
10.43%
Published
2008-12-19
Updated
2018-10-11
Heap-based buffer overflow in Opera 9.62 on Windows allows remote attackers to execute arbitrary code via a long file:// URI. NOTE: this might overlap CVE-2008-5680.
Max CVSS
9.3
EPSS Score
47.35%
Published
2008-11-20
Updated
2017-10-19
Buffer overflow in the transfer manager in Opera before 9.21 for Windows allows user-assisted remote attackers to execute arbitrary code via a crafted torrent file. NOTE: due to the lack of details, it is not clear if this is the same issue as CVE-2007-2274.
Max CVSS
9.3
EPSS Score
10.12%
Published
2007-05-22
Updated
2022-02-26
Heap-based buffer overflow in Opera 9.02 allows remote attackers to execute arbitrary code via a JPEG file with an invalid number of index bytes in the Define Huffman Table (DHT) marker.
Max CVSS
9.3
EPSS Score
17.15%
Published
2007-01-09
Updated
2017-07-29
Heap-based buffer overflow in Opera 9.0 and 9.01 allows remote attackers to execute arbitrary code via a long URL in a tag (long link address).
Max CVSS
5.1
EPSS Score
29.94%
Published
2006-10-17
Updated
2017-07-20
Opera 9 allows remote attackers to cause a denial of service (crash) via a crafted web page that triggers an out-of-bounds memory access, related to an iframe and JavaScript that accesses certain style sheets properties.
Max CVSS
5.0
EPSS Score
1.63%
Published
2006-07-06
Updated
2022-02-28
Opera 9 allows remote attackers to cause a denial of service (crash) via an A tag with an href attribute with a URL containing a long hostname, which triggers an out-of-bounds operation.
Max CVSS
5.0
EPSS Score
2.95%
Published
2006-06-23
Updated
2022-02-28
Integer overflow in Opera 8.54 and earlier allows remote attackers to execute arbitrary code via a JPEG image with large height and width values, which causes less memory to be allocated than intended.
Max CVSS
7.5
EPSS Score
8.58%
Published
2006-06-23
Updated
2022-02-28
The PluginContext object of Opera 6.05 and 7.0 allows remote attackers to cause a denial of service (crash) via an HTTP request containing a long string that gets passed to the ShowDocument method.
Max CVSS
4.3
EPSS Score
0.30%
Published
2003-12-31
Updated
2022-03-01
Heap-based buffer overflow in Opera 6.05 through 7.10 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a filename with a long extension.
Max CVSS
6.8
EPSS Score
0.56%
Published
2003-12-31
Updated
2022-03-01
Buffer overflow in Opera 7.02 Build 2668 allows remote attackers to crash Opera via a long HTTP request ending in a .ZIP extension.
Max CVSS
9.3
EPSS Score
0.37%
Published
2003-12-31
Updated
2022-03-01
Buffer overflow in Opera 6.05 and 6.06, and possibly other versions, allows remote attackers to execute arbitrary code via a URL with a long username.
Max CVSS
7.5
EPSS Score
4.01%
Published
2003-12-31
Updated
2022-03-01
Heap-based buffer overflow in Opera 7.11 and 7.20 allows remote attackers to execute arbitrary code via an HREF with a large number of escaped characters in the server name.
Max CVSS
7.5
EPSS Score
4.81%
Published
2003-11-17
Updated
2022-03-01
21 vulnerabilities found