Total
285 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-0238 | 4 Gnome, Mozilla, Omnigroup and 1 more | 5 Epiphany, Camino, Mozilla and 2 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| The International Domain Name (IDN) support in Epiphany allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that uses homograph characters from other character sets, which facilitates phishing attacks. | |||||
| CVE-2004-1810 | 1 Opera | 1 Opera Browser | 2025-04-03 | 5.0 MEDIUM | N/A |
| The Javascript engine in Opera 7.23 allows remote attackers to cause a denial of service (crash) by creating a new Array object with a large size value, then writing into that array. | |||||
| CVE-2005-1669 | 1 Opera | 1 Opera Browser | 2025-04-03 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Opera 8.0 Final Build 1095 allows remote attackers to inject arbitrary web script or HTML via "javascript:" URLs when a new window or frame is opened, which allows remote attackers to bypass access restrictions and perform unauthorized actions on other domains. | |||||
| CVE-2005-3750 | 1 Opera | 1 Opera Browser | 2025-04-03 | 7.5 HIGH | N/A |
| Opera before 8.51 on Linux and Unix systems allows remote attackers to execute arbitrary code via shell metacharacters (backticks) in a URL that another product provides in a command line argument when launching Opera. | |||||
| CVE-2005-3699 | 1 Opera | 1 Opera Browser | 2025-04-03 | 5.0 MEDIUM | N/A |
| Opera Web Browser 8.50 and 8.0 through 8.0.2 allows remote attackers to spoof the URL in the status bar via the title in an image in a link to a trusted site within a form to the malicious site. | |||||
| CVE-2006-3199 | 1 Opera | 1 Opera Browser | 2025-04-03 | 5.0 MEDIUM | N/A |
| Opera 9 allows remote attackers to cause a denial of service (crash) via an A tag with an href attribute with a URL containing a long hostname, which triggers an out-of-bounds operation. | |||||
| CVE-2004-0537 | 1 Opera | 1 Opera Browser | 2025-04-03 | 5.0 MEDIUM | N/A |
| Opera 7.50 and earlier allows remote web sites to provide a "Shortcut Icon" (favicon) that is wider than expected, which could allow the web sites to spoof a trusted domain and facilitate phishing attacks using a wide icon and extra spaces. | |||||
| CVE-2004-2491 | 1 Opera | 1 Opera Browser | 2025-04-03 | 2.6 LOW | N/A |
| A race condition in Opera web browser 7.53 Build 3850 causes Opera to fill in the address bar before the page has been loaded, which allows remote attackers to spoof the URL in the address bar via the window.open and location.replace HTML parameters, which facilitates phishing attacks. | |||||
| CVE-2005-3007 | 1 Opera | 1 Opera Browser | 2025-04-03 | 2.6 LOW | N/A |
| Opera before 8.50 allows remote attackers to spoof the content type of files via a filename with a trailing "." (dot), which might allow remote attackers to trick users into processing dangerous content. | |||||
| CVE-2004-2083 | 1 Opera | 1 Opera Browser | 2025-04-03 | 2.6 LOW | N/A |
| Opera Web Browser 7.0 through 7.23 allows remote attackers to trick users into executing a malicious file by embedding a CLSID in the file name, which causes the malicious file to appear as a trusted file type, aka "File Download Extension Spoofing." | |||||
| CVE-2005-1139 | 1 Opera | 1 Opera Browser | 2025-04-03 | 7.5 HIGH | N/A |
| Opera 8 Beta 3, when using first-generation vetted digital certificates, displays the Organizational information of an SSL certificate, which is easily spoofed and can facilitate phishing attacks. | |||||
| CVE-2005-2405 | 1 Opera | 1 Opera Browser | 2025-04-03 | 5.0 MEDIUM | N/A |
| Opera 8.01, when the "Arial Unicode MS" font (ARIALUNI.TTF) is installed, does not properly handle extended ASCII characters in the file download dialog box, which allows remote attackers to spoof file extensions and possibly trick users into executing arbitrary code. | |||||
| CVE-2005-3006 | 1 Opera | 1 Opera Browser | 2025-04-03 | 5.0 MEDIUM | N/A |
| The mail client in Opera before 8.50 opens attached files from the user's cache directory without warning the user, which might allow remote attackers to inject arbitrary web script and spoof attachment filenames. | |||||
| CVE-2003-1420 | 1 Opera | 1 Opera Browser | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Opera 6.0 through 7.0 with automatic redirection disabled allows remote attackers to inject arbitrary web script or HTML via the HTTP Location header. | |||||
| CVE-2005-3059 | 3 Linux, Microsoft, Opera | 3 Linux Kernel, Windows, Opera Browser | 2025-04-03 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in Opera 8.50 on Linux and Windows have unknown impact and attack vectors, related to (1) " handling of must-revalidate cache directive for HTTPS pages" or (2) a "display issue with cookie comment encoding." | |||||
| CVE-2003-0870 | 1 Opera | 1 Opera Browser | 2025-04-03 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in Opera 7.11 and 7.20 allows remote attackers to execute arbitrary code via an HREF with a large number of escaped characters in the server name. | |||||
| CVE-2004-1201 | 1 Opera | 1 Opera Browser | 2025-04-03 | 5.0 MEDIUM | N/A |
| Opera 7.54 allows remote attackers to cause a denial of service (application crash from memory exhaustion), as demonstrated using Javascript code that continuously creates nested arrays and then sorts the newly created arrays. | |||||
| CVE-2006-3945 | 2 Microsoft, Opera | 2 Windows Xp, Opera Browser | 2025-04-03 | 5.0 MEDIUM | N/A |
| The CSS functionality in Opera 9 on Windows XP SP2 allows remote attackers to cause a denial of service (crash) by setting the background property of a DHTML element to a long http or https URL, which triggers memory corruption. | |||||
| CVE-2004-2570 | 1 Opera | 1 Opera Browser | 2025-04-03 | 5.0 MEDIUM | N/A |
| Opera before 7.54 allows remote attackers to modify properties and methods of the location object and execute Javascript to read arbitrary files from the client's local filesystem or display a false URL to the user. | |||||
| CVE-2005-0456 | 1 Opera | 1 Opera Browser | 2025-04-03 | 5.0 MEDIUM | N/A |
| Opera 7.54 and earlier does not properly validate base64 encoded binary data in a data: (RFC 2397) URL, which causes the URL to be obscured in a download dialog, which may allow remote attackers to trick users into executing arbitrary code. | |||||