Opera : Security Vulnerabilities, CVEs, (Denial of service) CVSS score >= 8
Opera before 12.12 does not properly allocate memory for GIF images, which allows remote attackers to execute arbitrary code or cause a denial of service (memory overwrite) via a malformed image.
Max CVSS
9.3
EPSS Score
5.86%
Published
2013-01-02
Updated
2013-01-02
Heap-based buffer overflow in Opera before 12.11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a long HTTP response.
Max CVSS
9.3
EPSS Score
3.41%
Published
2013-01-02
Updated
2015-10-08
Opera before 12.10 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a malformed SVG image.
Max CVSS
9.3
EPSS Score
1.03%
Published
2013-01-02
Updated
2013-01-02
Opera before 11.64 does not properly allocate memory for URL strings, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted string.
Max CVSS
10.0
EPSS Score
10.03%
Published
2012-06-14
Updated
2012-08-14
Opera before 11.11 does not properly implement FRAMESET elements, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to page unload.
Max CVSS
10.0
EPSS Score
31.57%
Published
2011-07-01
Updated
2012-02-14
Integer truncation error in opera.dll in Opera before 11.01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via an HTML form with a select element that contains a large number of children.
Max CVSS
9.3
EPSS Score
4.86%
Published
2011-01-31
Updated
2018-08-13
Heap-based buffer overflow in Opera before 10.61 allows remote attackers to execute arbitrary code or cause a denial of service (application crash or hang) via vectors related to HTML5 canvas painting operations that occur during the application of transformations.
Max CVSS
9.3
EPSS Score
9.48%
Published
2010-08-16
Updated
2017-09-19
Opera before 10.53 on Windows and Mac OS X does not properly handle a series of document modifications that occur asynchronously, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via JavaScript that writes <marquee> sequences in an infinite loop, leading to attempted use of uninitialized memory. NOTE: this might overlap CVE-2006-6955.
Max CVSS
9.3
EPSS Score
17.02%
Published
2010-05-06
Updated
2018-10-30
Opera before 10.01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted domain name.
Max CVSS
9.3
EPSS Score
3.86%
Published
2009-10-30
Updated
2022-03-01
Unspecified vulnerability in Opera before 9.60 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a redirect that specifies a crafted URL.
Max CVSS
9.3
EPSS Score
28.99%
Published
2008-10-23
Updated
2017-08-08
Unspecified vulnerability in Opera before 9.52 on Windows, when registered as a protocol handler, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors in which Opera is launched by other applications.
Max CVSS
10.0
EPSS Score
8.06%
Published
2008-09-27
Updated
2017-08-08
Opera before 9.27 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted scaled image pattern in an HTML CANVAS element, which triggers memory corruption.
Max CVSS
9.3
EPSS Score
9.20%
Published
2008-04-12
Updated
2017-08-08
Opera before 9.27 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted newsfeed source, which triggers an invalid memory access.
Max CVSS
9.3
EPSS Score
2.12%
Published
2008-04-12
Updated
2017-08-08
13 vulnerabilities found