Opera : Security Vulnerabilities, CVEs, (Denial of service) CVSS score >= 4
Opera before 12.12 does not properly allocate memory for GIF images, which allows remote attackers to execute arbitrary code or cause a denial of service (memory overwrite) via a malformed image.
Max CVSS
9.3
EPSS Score
7.12%
Published
2013-01-02
Updated
2013-01-02
Heap-based buffer overflow in Opera before 12.11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a long HTTP response.
Max CVSS
9.3
EPSS Score
3.41%
Published
2013-01-02
Updated
2015-10-08
Opera before 12.10 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a malformed SVG image.
Max CVSS
9.3
EPSS Score
1.03%
Published
2013-01-02
Updated
2013-01-02
Opera before 12.01 allows remote attackers to cause a denial of service (application crash) via a crafted web site, as demonstrated by the Lenovo "Shop now" page.
Max CVSS
4.3
EPSS Score
0.29%
Published
2012-08-06
Updated
2012-08-07
Opera before 12.00 Beta allows remote attackers to cause a denial of service (application crash) via crafted WebGL content, as demonstrated by a codeflow.org WebGL demo.
Max CVSS
5.0
EPSS Score
0.26%
Published
2012-06-14
Updated
2017-08-29
Opera before 12.00 Beta allows remote attackers to cause a denial of service (memory consumption or application hang) via an IFRAME element that uses the src="#" syntax to embed a parent document.
Max CVSS
5.0
EPSS Score
0.26%
Published
2012-06-14
Updated
2017-08-29
Opera before 12.00 Beta allows user-assisted remote attackers to cause a denial of service (application hang) via JavaScript code that changes a form before submission.
Max CVSS
4.3
EPSS Score
0.20%
Published
2012-06-14
Updated
2017-08-29
Opera before 12.00 Beta allows remote attackers to cause a denial of service (application crash) via crafted characters in domain names, as demonstrated by "IDNA2008 tests."
Max CVSS
5.0
EPSS Score
0.26%
Published
2012-06-14
Updated
2017-08-29
Opera before 12.00 Beta allows remote attackers to cause a denial of service (application hang) via an absolutely positioned wrap=off TEXTAREA element located next to an "overflow: auto" block element.
Max CVSS
5.0
EPSS Score
0.26%
Published
2012-06-14
Updated
2017-08-29
Opera before 12.00 Beta allows remote attackers to cause a denial of service (application crash) via a web page that contains invalid character encodings.
Max CVSS
5.0
EPSS Score
0.24%
Published
2012-06-14
Updated
2017-08-29
Opera before 12.00 Beta allows user-assisted remote attackers to cause a denial of service (application crash) via a crafted web page that is not properly handled during a reload, as demonstrated by a "multiple origin camera test" page.
Max CVSS
4.3
EPSS Score
0.20%
Published
2012-06-14
Updated
2017-08-29
Opera before 11.64 does not properly allocate memory for URL strings, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted string.
Max CVSS
10.0
EPSS Score
10.03%
Published
2012-06-14
Updated
2012-08-14
Multiple integer overflows in Opera 11.60 and earlier allow remote attackers to cause a denial of service (application crash) via a large integer argument to the (1) Int32Array, (2) Float32Array, (3) Float64Array, (4) Uint32Array, (5) Int16Array, or (6) ArrayBuffer function. NOTE: the vendor reportedly characterizes this as "a stability issue, not a security issue."
Max CVSS
5.0
EPSS Score
0.40%
Published
2012-02-07
Updated
2017-08-29
Opera before 11.60 allows remote attackers to cause a denial of service (CPU and memory consumption) via unspecified content on a web page, as demonstrated by a page under the cisco.com home page.
Max CVSS
5.0
EPSS Score
0.28%
Published
2011-12-07
Updated
2012-03-06
Unspecified vulnerability in the Web Workers implementation in Opera before 11.60 allows remote attackers to cause a denial of service (application crash) via unknown vectors.
Max CVSS
5.0
EPSS Score
0.28%
Published
2011-12-07
Updated
2012-03-06
Dragonfly in Opera before 11.60 allows remote attackers to cause a denial of service (application crash) via unspecified content on a web page, as demonstrated by forbes.com.
Max CVSS
5.0
EPSS Score
0.29%
Published
2011-12-07
Updated
2012-03-06
Opera 11.11 allows remote attackers to cause a denial of service (application crash) by setting the FACE attribute of a FONT element within an IFRAME element after changing the SRC attribute of this IFRAME element to an about:blank value.
Max CVSS
5.0
EPSS Score
0.80%
Published
2011-07-01
Updated
2011-07-05
Opera before 11.10 allows remote attackers to cause a denial of service (application crash) via an HTML document that has an empty parameter value for an embedded Java applet.
Max CVSS
5.0
EPSS Score
0.92%
Published
2011-07-01
Updated
2017-08-29
Opera before 11.10 does not properly handle hidden animated GIF images, which allows remote attackers to cause a denial of service (CPU consumption) via an image file that triggers continual repaints.
Max CVSS
5.0
EPSS Score
0.28%
Published
2011-07-01
Updated
2011-07-05
Unspecified vulnerability in Opera before 11.10 allows remote attackers to cause a denial of service (application crash) via unknown content on a web page, as demonstrated by games on zylom.com.
Max CVSS
5.0
EPSS Score
0.28%
Published
2011-07-01
Updated
2011-07-06
Unspecified vulnerability in Opera before 11.10 allows remote attackers to cause a denial of service (application crash) via unknown content on a web page, as demonstrated by futura-sciences.com, seoptimise.com, and mitosyfraudes.org.
Max CVSS
5.0
EPSS Score
0.28%
Published
2011-07-01
Updated
2011-07-06
Unspecified vulnerability in Opera before 11.10 allows remote attackers to cause a denial of service (application crash) via unknown content on a web page, as demonstrated by a certain Tomato Firmware page.
Max CVSS
5.0
EPSS Score
0.28%
Published
2011-07-01
Updated
2011-07-06
The Cascading Style Sheets (CSS) implementation in Opera before 11.10 allows remote attackers to cause a denial of service (application crash) via vectors involving use of the :hover pseudo-class, in conjunction with transforms, for a floated element.
Max CVSS
5.0
EPSS Score
0.28%
Published
2011-07-01
Updated
2011-07-06
Unspecified vulnerability in Opera before 11.11 allows remote attackers to cause a denial of service (application crash) via vectors involving a Certificate Revocation List (CRL) file, as demonstrated by the multicert-ca-02.crl file.
Max CVSS
5.0
EPSS Score
0.28%
Published
2011-07-01
Updated
2011-07-08
Opera before 11.11 does not properly handle destruction of a Silverlight instance, which allows remote attackers to cause a denial of service (application crash) via a web page, as demonstrated by vod.onet.pl.
Max CVSS
5.0
EPSS Score
0.29%
Published
2011-07-01
Updated
2011-07-08