Search Results (309 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-3007 1 Opera 1 Opera Browser 2026-04-16 N/A
Opera before 8.50 allows remote attackers to spoof the content type of files via a filename with a trailing "." (dot), which might allow remote attackers to trick users into processing dangerous content.
CVE-2006-1834 1 Opera 1 Opera Browser 2026-04-16 N/A
Integer signedness error in Opera before 8.54 allows remote attackers to execute arbitrary code via long values in a stylesheet attribute, which pass a length check. NOTE: a sign extension problem makes the attack easier with shorter strings.
CVE-2006-3199 1 Opera 1 Opera Browser 2026-04-16 N/A
Opera 9 allows remote attackers to cause a denial of service (crash) via an A tag with an href attribute with a URL containing a long hostname, which triggers an out-of-bounds operation.
CVE-2005-2309 1 Opera 1 Opera Browser 2026-04-16 N/A
Opera 8.01 allows remote attackers to cause a denial of service (CPU consumption) via a crafted JPEG image, as demonstrated using random.jpg.
CVE-2006-3331 1 Opera 1 Opera Browser 2026-04-16 N/A
Opera before 9.0 does not reset the SSL security bar after displaying a download dialog from an SSL-enabled website, which allows remote attackers to spoof a trusted SSL certificate from an untrusted website and facilitates phishing attacks.
CVE-2005-2406 1 Opera 1 Opera Browser 2026-04-16 N/A
Opera 8.01 allows remote attackers to conduct cross-site scripting (XSS) attacks or modify which files are uploaded by tricking a user into dragging an image that is a "javascript:" URI.
CVE-2003-1388 1 Opera 1 Opera Browser 2026-04-16 N/A
Buffer overflow in Opera 7.02 Build 2668 allows remote attackers to crash Opera via a long HTTP request ending in a .ZIP extension.
CVE-2003-1396 1 Opera 1 Opera Browser 2026-04-16 N/A
Heap-based buffer overflow in Opera 6.05 through 7.10 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a filename with a long extension.
CVE-2005-1139 1 Opera 1 Opera Browser 2026-04-16 N/A
Opera 8 Beta 3, when using first-generation vetted digital certificates, displays the Organizational information of an SSL certificate, which is easily spoofed and can facilitate phishing attacks.
CVE-2003-1387 1 Opera 1 Opera Browser 2026-04-16 N/A
Buffer overflow in Opera 6.05 and 6.06, and possibly other versions, allows remote attackers to execute arbitrary code via a URL with a long username.
CVE-2005-4210 1 Opera 1 Opera Browser 2026-04-16 N/A
Opera before 8.51, when running on Windows with Input Method Editor (IME) installed, allows remote attackers to cause a denial of service (persistent application crash) by bookmarking a site with a long title.
CVE-2005-2407 1 Opera 1 Opera Browser 2026-04-16 N/A
A design error in Opera 8.01 and earlier allows user-assisted attackers to execute arbitrary code by overlaying a malicious new window above a file download dialog box, then tricking the user into double-clicking on the "Run" button, aka "link hijacking".
CVE-2003-1420 1 Opera 1 Opera Browser 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Opera 6.0 through 7.0 with automatic redirection disabled allows remote attackers to inject arbitrary web script or HTML via the HTTP Location header.
CVE-2005-3041 1 Opera 1 Opera Browser 2026-04-16 N/A
Unspecified "drag-and-drop vulnerability" in Opera Web Browser before 8.50 on Windows allows "unintentional file uploads."
CVE-2003-1397 1 Opera 1 Opera Browser 2026-04-16 N/A
The PluginContext object of Opera 6.05 and 7.0 allows remote attackers to cause a denial of service (crash) via an HTTP request containing a long string that gets passed to the ShowDocument method.
CVE-2003-0593 1 Opera 1 Opera Browser 2026-04-16 N/A
Opera allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Opera to send the cookie outside the specified URL subsets, e.g. to a vulnerable application that runs on the same server as the target application.
CVE-2004-0537 1 Opera 1 Opera Browser 2026-04-16 N/A
Opera 7.50 and earlier allows remote web sites to provide a "Shortcut Icon" (favicon) that is wider than expected, which could allow the web sites to spoof a trusted domain and facilitate phishing attacks using a wide icon and extra spaces.
CVE-2004-1157 1 Opera 1 Opera Browser 2026-04-16 N/A
Opera 7.x up to 7.54, and possibly other versions, allows remote attackers to spoof arbitrary web sites by injecting content from one window into a target window whose name is known but resides in a different domain, as demonstrated using a pop-up window on a trusted web site, aka the "window injection" vulnerability.
CVE-2003-0870 1 Opera 1 Opera Browser 2026-04-16 N/A
Heap-based buffer overflow in Opera 7.11 and 7.20 allows remote attackers to execute arbitrary code via an HREF with a large number of escaped characters in the server name.
CVE-2005-1475 1 Opera 1 Opera Browser 2026-04-16 N/A
The XMLHttpRequest object in Opera 8.0 Final Build 1095 allows remote attackers to bypass access restrictions and perform unauthorized actions on other domains via a redirect.