Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

opera opera browser 10.00 vulnerabilities and exploits

(subscribe to this query)
383
VMScore
CVE-2009-3265
Cross-site scripting (XSS) vulnerability in Opera 9 and 10 allows remote malicious users to inject arbitrary web script or HTML via a (1) RSS or (2) Atom feed, related to the rendering of the application/rss+xml content type as "scripted content." NOTE: the vendor repor...
Opera Opera Browser 10.00Opera Opera Browser 9.0
383
VMScore
CVE-2009-3013
Opera 9.52 and previous versions, and 10.00 Beta 3 Build 1699, does not properly block data: URIs in Location headers in HTTP responses, which allows remote malicious users to conduct cross-site scripting (XSS) attacks via vectors related to (1) injecting a Location header that c...
Opera Opera Browser 9.10Opera Opera Browser 8.0Opera Opera Browser 8.01Opera Opera Browser 9.01Opera Opera Browser 10.00Opera Opera Browser 9.02Opera Opera Browser 9.0Opera Opera Browser 7.53Opera Opera Browser 8.53Opera Opera Browser 8.02Opera Opera Browser 9.22Opera Opera Browser 9.20Opera Opera Browser 9.21Opera Opera Browser 8.54Opera Opera Browser 7.60Opera Opera Browser 8.51Opera Opera Browser 8.52Opera Opera Browser 7.54Opera Opera Browser 7.0Opera Opera Browser 7.23Opera Opera Browser 8.50Opera Opera Browser 9.51
383
VMScore
CVE-2009-2351
Opera 9.52 and previous versions does not block javascript: URIs in Refresh headers in HTTP responses, which allows remote malicious users to conduct cross-site scripting (XSS) attacks via vectors related to (1) injecting a Refresh header or (2) specifying the content of a Refres...
Opera Opera Browser 9.0Opera Opera Browser 7.53Opera Opera Browser 8.51Opera Opera Browser 8.53Opera Opera Browser 8.02Opera Opera Browser 9.22Opera Opera Browser 9.20Opera Opera Browser 9.10Opera Opera Browser 7.23Opera Opera Browser 8.0Opera Opera Browser 9.01Opera Opera BrowserOpera Opera Browser 10.00Opera Opera Browser 7.54Opera Opera Browser 7.0Opera Opera Browser 8.50Opera Opera Browser 9.51Opera Opera Browser 9.12Opera Opera Browser 9.02Opera Opera Browser 9.21Opera Opera Browser 8.54Opera Opera Browser 8.01
516
VMScore
CVE-2009-4071
Opera prior to 10.10, when exception stacktraces are enabled, places scripting error messages from a web site into variables that can be read by a different web site, which allows remote malicious users to obtain sensitive information or conduct cross-site scripting (XSS) attacks...
Opera Opera Browser 9.51Opera Opera Browser 9.22Opera Opera Browser 9.0Opera Opera Browser 8.0Opera Opera Browser 10.00Opera Opera Browser 10Opera Opera Browser 9.21Opera Opera Browser 9.20Opera Opera Browser 8.54Opera Opera Browser 8.53Opera Opera Browser 7.60Opera Opera Browser 7.54Opera Opera BrowserOpera Opera Browser 10.01Opera Opera Browser 9.12Opera Opera Browser 9.10Opera Opera Browser 8.52Opera Opera Browser 8.51Opera Opera Browser 8.50Opera Opera Browser 7.53Opera Opera Browser 7.23Opera Opera Browser 9.64
890
VMScore
CVE-2009-4072
Unspecified vulnerability in Opera prior to 10.10 has unknown impact and attack vectors, related to a "moderately severe issue."
Opera Opera Browser 9.20Opera Opera Browser 9.52Opera Opera Browser 9.51Opera Opera Browser 9.0Opera Opera Browser 8.01Opera Opera Browser 8.0Opera Opera Browser 10.00Opera Opera Browser 9.22Opera Opera Browser 9.21Opera Opera Browser 8.54Opera Opera Browser 8.53Opera Opera Browser 7.60Opera Opera Browser 10Opera Opera BrowserOpera Opera Browser 9.12Opera Opera Browser 9.10Opera Opera Browser 8.52Opera Opera Browser 8.51Opera Opera Browser 7.54Opera Opera Browser 7.53Opera Opera Browser 9.64Opera Opera Browser 9.02
445
VMScore
CVE-2009-3045
Opera prior to 10.00 trusts root X.509 certificates signed with the MD2 algorithm, which makes it easier for man-in-the-middle malicious users to spoof arbitrary SSL servers via a crafted server certificate.
Opera Opera Browser 8.0Opera Opera Browser 7.0Opera Opera Browser 7.23Opera Opera Browser 9.01Opera Opera Browser 9.51Opera Opera Browser 9.21Opera Opera Browser 7.60Opera Opera Browser 8.02Opera Opera Browser 9.02Opera Opera Browser 9.22Opera Opera Browser 9.20Opera Opera Browser 8.01Opera Opera Browser 8.52Opera Opera Browser 8.51Opera Opera Browser 8.53Opera Opera Browser 9.64Opera Opera Browser 9.52Opera Opera Browser 7.53Opera Opera Browser 7.54Opera Opera Browser 8.54Opera Opera Browser 9.0Opera Opera Browser 8.50
445
VMScore
CVE-2009-3049
Opera prior to 10.00 does not properly display all characters in Internationalized Domain Names (IDN) in the address bar, which allows remote malicious users to spoof URLs and conduct phishing attacks, related to Unicode and Punycode.
Opera Opera Browser 7.0Opera Opera Browser 7.23Opera Opera Browser 9.01Opera Opera Browser 9.10Opera Opera Browser 9.51Opera Opera Browser 7.53Opera Opera Browser 7.54Opera Opera Browser 8.54Opera Opera Browser 9.0Opera Opera Browser 9.02Opera Opera Browser 8.50Opera Opera Browser 9.12Opera Opera BrowserOpera Opera Browser 8.0Opera Opera Browser 8.01Opera Opera Browser 8.52Opera Opera Browser 8.51Opera Opera Browser 9.21Opera Opera Browser 9.64Opera Opera Browser 7.60Opera Opera Browser 8.53Opera Opera Browser 8.02
383
VMScore
CVE-2009-3047
Opera prior to 10.00, when a collapsed address bar is used, does not properly update the domain name from the previously visited site to the currently visited site, which might allow remote malicious users to spoof URLs.
Opera Opera Browser 7.53Opera Opera Browser 8.54Opera Opera Browser 8.02Opera Opera Browser 9.02Opera Opera Browser 9.20Opera Opera Browser 9.12Opera Opera Browser 8.01Opera Opera Browser 7.60Opera Opera Browser 8.51Opera Opera Browser 8.53Opera Opera Browser 9.52Opera Opera Browser 9.22Opera Opera Browser 7.54Opera Opera Browser 7.0Opera Opera Browser 9.0Opera Opera Browser 9.01Opera Opera Browser 8.50Opera Opera Browser 9.10Opera Opera Browser 9.51Opera Opera BrowserOpera Opera Browser 7.23Opera Opera Browser 8.0
445
VMScore
CVE-2009-3044
Opera prior to 10.00 does not properly handle a (1) '\0' character or (2) invalid wildcard character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle malicious users to spoof arbitrary SSL servers via ...
Opera Opera Browser 9.26Opera Opera Browser 9.51Opera Opera Browser 9.24Opera Opera Browser 9.23Opera Opera Browser 9.01Opera Opera Browser 9.0Opera Opera Browser 8.01Opera Opera Browser 8.51Opera Opera Browser 7.54Opera Opera Browser 7.52Opera Opera Browser 7.03Opera Opera Browser 7.0Opera Opera Browser 7.01Opera Opera Browser 6.0Opera Opera Browser 6.02Opera Opera Browser 5.0Opera Opera Browser 5.02Opera Opera Browser 4.00Opera Opera Browser 3.62Opera Opera Browser 3.10Opera Opera Browser 3.00Opera Opera Browser 1.00
383
VMScore
CVE-2011-1337
Opera prior to 11.50 allows remote malicious users to cause a denial of service (disk consumption) via invalid URLs that trigger creation of error pages.
Opera Opera Browser 9.62Opera Opera Browser 9.64Opera Opera Browser 5.0Opera Opera Browser 9.26Opera Opera Browser 9.27Opera Opera Browser 10.01Opera Opera Browser 9.51Opera Opera Browser 10.10Opera Opera Browser 10.00Opera Opera Browser 8.0Opera Opera Browser 9.10Opera Opera Browser 7.20Opera Opera Browser 7.03Opera Opera Browser 7.54Opera Opera Browser 7.0Opera Opera Browser 7.01Opera Opera Browser 8.02Opera Opera Browser 6.06Opera Opera Browser 5.11Opera Opera Browser 5.10Opera Opera Browser 5.02Opera Opera Browser 6.12
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654CVE-2024-2757authentication bypassCVE-2024-3194CVE-2024-33640CVE-2024-21111dosinsecure direct object referenceCVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook