Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
opera opera browser 9.10 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-1115
The child frames in Opera 9 prior to 9.20 inherit the default charset from the parent window when a charset is not specified in an HTTP Content-Type header or META tag, which allows remote malicious users to conduct cross-site scripting (XSS) attacks, as demonstrated using the UT...
Opera Opera Browser 9.02
Opera Opera Browser 9.12
Opera Opera Browser 9.20
Opera Opera Browser 9.0
Opera Opera Browser 9.01
Opera Opera Browser 9.10
NA
CVE-2007-4944
The canvas.createPattern function in Opera 9.x prior to 9.22 for Linux, FreeBSD, and Solaris does not clear memory before using it to process a new pattern, which allows remote malicious users to obtain sensitive information (memory contents) via JavaScript.
Opera Opera Browser 9.02
Opera Opera Browser 9.12
Opera Opera Browser 9.20
Opera Opera Browser 9.21
Opera Opera Browser 9.0
Opera Opera Browser 9.01
Opera Opera Browser 9.10
NA
CVE-2007-6523
Algorithmic complexity vulnerability in Opera 9.50 beta and 9.x prior to 9.25 allows remote malicious users to cause a denial of service (CPU consumption) via a crafted bitmap (BMP) file that triggers a large number of calculations and checks.
Opera Opera Browser 9.50
Opera Opera Browser 9.02
Opera Opera Browser 9.24
Opera Opera Browser 9.12
Opera Opera Browser 9.20
Opera Opera Browser 9.21
Opera Opera Browser 9.0
Opera Opera Browser 9.23
Opera Opera Browser 9.22
Opera Opera Browser 9.01
Opera Opera Browser 9.10
NA
CVE-2007-1563
The FTP protocol implementation in Opera 9.10 allows remote malicious users to allows remote servers to force the client to connect to other servers, perform a proxied port scan, or obtain sensitive information by specifying an alternate server address in an FTP PASV response.
Opera Opera Browser 9.10
1 EDB exploit
NA
CVE-2007-1737
Opera 9.10 does not check URLs embedded in (1) object or (2) iframe HTML tags against the phishing site blacklist, which allows remote malicious users to bypass phishing protection.
Opera Opera Browser 9.10
NA
CVE-2006-6970
Opera 9.10 Final allows remote malicious users to bypass the Fraud Protection mechanism by adding certain characters to the end of a domain name, as demonstrated by the "." and "/" characters, which is not caught by the blacklist filter.
Opera Opera Browser 9.10
NA
CVE-2009-2067
Opera detects http content in https web pages only when the top-level frame uses https, which allows man-in-the-middle malicious users to execute arbitrary web script, in an https site's context, by modifying an http page to include an https iframe that references a script f...
Opera Opera Browser 7.23
Opera Opera Browser 9.02
Opera Opera Browser 7.53
Opera Opera Browser 8.50
Opera Opera Browser 8.53
Opera Opera Browser 9.12
Opera Opera Browser 8.0
Opera Opera Browser
Opera Opera Browser 8.54
Opera Opera Browser 8.02
Opera Opera Browser 9.20
Opera Opera Browser 9.21
Opera Opera Browser 8.51
Opera Opera Browser 7.60
Opera Opera Browser 7.54
Opera Opera Browser 9.01
Opera Opera Browser 9.0
Opera Opera Browser 9.10
Opera Opera Browser 8.52
Opera Opera Browser 8.01
Opera Opera Browser 7.0
NA
CVE-2009-2059
Opera, possibly prior to 9.25, uses the HTTP Host header to determine the context of a document provided in a (1) 4xx or (2) 5xx CONNECT response from a proxy server, which allows man-in-the-middle malicious users to execute arbitrary web script by modifying this CONNECT response...
Opera Opera Browser 7.23
Opera Opera Browser 9.02
Opera Opera Browser 7.53
Opera Opera Browser 8.50
Opera Opera Browser 8.53
Opera Opera Browser 9.12
Opera Opera Browser 8.0
Opera Opera Browser
Opera Opera Browser 8.54
Opera Opera Browser 8.02
Opera Opera Browser 9.20
Opera Opera Browser 9.21
Opera Opera Browser 8.51
Opera Opera Browser 7.60
Opera Opera Browser 7.54
Opera Opera Browser 9.01
Opera Opera Browser 9.0
Opera Opera Browser 9.10
Opera Opera Browser 8.52
Opera Opera Browser 8.01
Opera Opera Browser 7.0
NA
CVE-2009-2351
Opera 9.52 and previous versions does not block javascript: URIs in Refresh headers in HTTP responses, which allows remote malicious users to conduct cross-site scripting (XSS) attacks via vectors related to (1) injecting a Refresh header or (2) specifying the content of a Refres...
Opera Opera Browser 7.23
Opera Opera Browser 9.02
Opera Opera Browser 7.53
Opera Opera Browser 8.50
Opera Opera Browser 9.51
Opera Opera Browser 8.53
Opera Opera Browser 9.12
Opera Opera Browser 8.0
Opera Opera Browser
Opera Opera Browser 8.54
Opera Opera Browser 8.02
Opera Opera Browser 9.20
Opera Opera Browser 9.21
Opera Opera Browser 8.51
Opera Opera Browser 7.60
Opera Opera Browser 7.54
Opera Opera Browser 9.22
Opera Opera Browser 9.01
Opera Opera Browser 9.0
Opera Opera Browser 9.10
Opera Opera Browser 8.52
Opera Opera Browser 10.00
NA
CVE-2009-3013
Opera 9.52 and previous versions, and 10.00 Beta 3 Build 1699, does not properly block data: URIs in Location headers in HTTP responses, which allows remote malicious users to conduct cross-site scripting (XSS) attacks via vectors related to (1) injecting a Location header that c...
Opera Opera Browser 7.23
Opera Opera Browser 9.02
Opera Opera Browser 7.53
Opera Opera Browser 8.50
Opera Opera Browser 9.51
Opera Opera Browser 8.53
Opera Opera Browser 9.12
Opera Opera Browser 8.0
Opera Opera Browser
Opera Opera Browser 8.54
Opera Opera Browser 8.02
Opera Opera Browser 9.20
Opera Opera Browser 9.21
Opera Opera Browser 8.51
Opera Opera Browser 7.60
Opera Opera Browser 7.54
Opera Opera Browser 9.22
Opera Opera Browser 9.01
Opera Opera Browser 9.0
Opera Opera Browser 9.10
Opera Opera Browser 8.52
Opera Opera Browser 10.00
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »