Opera : Security Vulnerabilities, CVEs, (Overflow) CVSS score >= 6
Opera before 12.12 does not properly allocate memory for GIF images, which allows remote attackers to execute arbitrary code or cause a denial of service (memory overwrite) via a malformed image.
Max CVSS
9.3
EPSS Score
5.86%
Published
2013-01-02
Updated
2013-01-02
Heap-based buffer overflow in Opera before 12.11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a long HTTP response.
Max CVSS
9.3
EPSS Score
3.41%
Published
2013-01-02
Updated
2015-10-08
Opera before 11.64 does not properly allocate memory for URL strings, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted string.
Max CVSS
10.0
EPSS Score
10.03%
Published
2012-06-14
Updated
2012-08-14
Integer truncation error in opera.dll in Opera before 11.01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via an HTML form with a select element that contains a large number of children.
Max CVSS
9.3
EPSS Score
4.86%
Published
2011-01-31
Updated
2018-08-13
Heap-based buffer overflow in Opera before 10.61 allows remote attackers to execute arbitrary code or cause a denial of service (application crash or hang) via vectors related to HTML5 canvas painting operations that occur during the application of transformations.
Max CVSS
9.3
EPSS Score
9.48%
Published
2010-08-16
Updated
2017-09-19
Integer overflow in Opera 10.10 through 10.50 allows remote attackers to execute arbitrary code via a large Content-Length value, which triggers a heap overflow.
Max CVSS
10.0
EPSS Score
92.31%
Published
2010-04-12
Updated
2017-08-17
Multiple buffer overflows in Opera before 9.63 might allow (1) remote attackers to execute arbitrary code via a crafted text area, or allow (2) user-assisted remote attackers to execute arbitrary code via a long host name in a file: URL. NOTE: this might overlap CVE-2008-5178.
Max CVSS
9.3
EPSS Score
10.43%
Published
2008-12-19
Updated
2018-10-11
Heap-based buffer overflow in Opera 9.62 on Windows allows remote attackers to execute arbitrary code via a long file:// URI. NOTE: this might overlap CVE-2008-5680.
Max CVSS
9.3
EPSS Score
47.35%
Published
2008-11-20
Updated
2017-10-19
Buffer overflow in the transfer manager in Opera before 9.21 for Windows allows user-assisted remote attackers to execute arbitrary code via a crafted torrent file. NOTE: due to the lack of details, it is not clear if this is the same issue as CVE-2007-2274.
Max CVSS
9.3
EPSS Score
10.12%
Published
2007-05-22
Updated
2022-02-26
Heap-based buffer overflow in Opera 9.02 allows remote attackers to execute arbitrary code via a JPEG file with an invalid number of index bytes in the Define Huffman Table (DHT) marker.
Max CVSS
9.3
EPSS Score
17.15%
Published
2007-01-09
Updated
2017-07-29
Integer overflow in Opera 8.54 and earlier allows remote attackers to execute arbitrary code via a JPEG image with large height and width values, which causes less memory to be allocated than intended.
Max CVSS
7.5
EPSS Score
8.58%
Published
2006-06-23
Updated
2022-02-28
Heap-based buffer overflow in Opera 6.05 through 7.10 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a filename with a long extension.
Max CVSS
6.8
EPSS Score
0.56%
Published
2003-12-31
Updated
2022-03-01
Buffer overflow in Opera 7.02 Build 2668 allows remote attackers to crash Opera via a long HTTP request ending in a .ZIP extension.
Max CVSS
9.3
EPSS Score
0.37%
Published
2003-12-31
Updated
2022-03-01
Buffer overflow in Opera 6.05 and 6.06, and possibly other versions, allows remote attackers to execute arbitrary code via a URL with a long username.
Max CVSS
7.5
EPSS Score
4.01%
Published
2003-12-31
Updated
2022-03-01
Heap-based buffer overflow in Opera 7.11 and 7.20 allows remote attackers to execute arbitrary code via an HREF with a large number of escaped characters in the server name.
Max CVSS
7.5
EPSS Score
4.81%
Published
2003-11-17
Updated
2022-03-01
15 vulnerabilities found