Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
opera opera browser 9.20 vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2007-1115
The child frames in Opera 9 prior to 9.20 inherit the default charset from the parent window when a charset is not specified in an HTTP Content-Type header or META tag, which allows remote malicious users to conduct cross-site scripting (XSS) attacks, as demonstrated using the UT...
Opera Opera Browser 9.02
Opera Opera Browser 9.12
Opera Opera Browser 9.20
Opera Opera Browser 9.0
Opera Opera Browser 9.01
Opera Opera Browser 9.10
445
VMScore
CVE-2007-4944
The canvas.createPattern function in Opera 9.x prior to 9.22 for Linux, FreeBSD, and Solaris does not clear memory before using it to process a new pattern, which allows remote malicious users to obtain sensitive information (memory contents) via JavaScript.
Opera Opera Browser 9.02
Opera Opera Browser 9.12
Opera Opera Browser 9.20
Opera Opera Browser 9.21
Opera Opera Browser 9.0
Opera Opera Browser 9.01
Opera Opera Browser 9.10
694
VMScore
CVE-2007-6523
Algorithmic complexity vulnerability in Opera 9.50 beta and 9.x prior to 9.25 allows remote malicious users to cause a denial of service (CPU consumption) via a crafted bitmap (BMP) file that triggers a large number of calculations and checks.
Opera Opera Browser 9.50
Opera Opera Browser 9.02
Opera Opera Browser 9.24
Opera Opera Browser 9.12
Opera Opera Browser 9.20
Opera Opera Browser 9.21
Opera Opera Browser 9.0
Opera Opera Browser 9.23
Opera Opera Browser 9.22
Opera Opera Browser 9.01
Opera Opera Browser 9.10
605
VMScore
CVE-2009-2059
Opera, possibly prior to 9.25, uses the HTTP Host header to determine the context of a document provided in a (1) 4xx or (2) 5xx CONNECT response from a proxy server, which allows man-in-the-middle malicious users to execute arbitrary web script by modifying this CONNECT response...
Opera Opera Browser 7.23
Opera Opera Browser 9.02
Opera Opera Browser 7.53
Opera Opera Browser 8.50
Opera Opera Browser 8.53
Opera Opera Browser 9.12
Opera Opera Browser 8.0
Opera Opera Browser
Opera Opera Browser 8.54
Opera Opera Browser 8.02
Opera Opera Browser 9.20
Opera Opera Browser 9.21
Opera Opera Browser 8.51
Opera Opera Browser 7.60
Opera Opera Browser 7.54
Opera Opera Browser 9.01
Opera Opera Browser 9.0
Opera Opera Browser 9.10
Opera Opera Browser 8.52
Opera Opera Browser 8.01
Opera Opera Browser 7.0
605
VMScore
CVE-2009-2067
Opera detects http content in https web pages only when the top-level frame uses https, which allows man-in-the-middle malicious users to execute arbitrary web script, in an https site's context, by modifying an http page to include an https iframe that references a script f...
Opera Opera Browser 7.23
Opera Opera Browser 9.02
Opera Opera Browser 7.53
Opera Opera Browser 8.50
Opera Opera Browser 8.53
Opera Opera Browser 9.12
Opera Opera Browser 8.0
Opera Opera Browser
Opera Opera Browser 8.54
Opera Opera Browser 8.02
Opera Opera Browser 9.20
Opera Opera Browser 9.21
Opera Opera Browser 8.51
Opera Opera Browser 7.60
Opera Opera Browser 7.54
Opera Opera Browser 9.01
Opera Opera Browser 9.0
Opera Opera Browser 9.10
Opera Opera Browser 8.52
Opera Opera Browser 8.01
Opera Opera Browser 7.0
383
VMScore
CVE-2009-3013
Opera 9.52 and previous versions, and 10.00 Beta 3 Build 1699, does not properly block data: URIs in Location headers in HTTP responses, which allows remote malicious users to conduct cross-site scripting (XSS) attacks via vectors related to (1) injecting a Location header that c...
Opera Opera Browser 7.23
Opera Opera Browser 9.02
Opera Opera Browser 7.53
Opera Opera Browser 8.50
Opera Opera Browser 9.51
Opera Opera Browser 8.53
Opera Opera Browser 9.12
Opera Opera Browser 8.0
Opera Opera Browser
Opera Opera Browser 8.54
Opera Opera Browser 8.02
Opera Opera Browser 9.20
Opera Opera Browser 9.21
Opera Opera Browser 8.51
Opera Opera Browser 7.60
Opera Opera Browser 7.54
Opera Opera Browser 9.22
Opera Opera Browser 9.01
Opera Opera Browser 9.0
Opera Opera Browser 9.10
Opera Opera Browser 8.52
Opera Opera Browser 10.00
383
VMScore
CVE-2009-2351
Opera 9.52 and previous versions does not block javascript: URIs in Refresh headers in HTTP responses, which allows remote malicious users to conduct cross-site scripting (XSS) attacks via vectors related to (1) injecting a Refresh header or (2) specifying the content of a Refres...
Opera Opera Browser 7.23
Opera Opera Browser 9.02
Opera Opera Browser 7.53
Opera Opera Browser 8.50
Opera Opera Browser 9.51
Opera Opera Browser 8.53
Opera Opera Browser 9.12
Opera Opera Browser 8.0
Opera Opera Browser
Opera Opera Browser 8.54
Opera Opera Browser 8.02
Opera Opera Browser 9.20
Opera Opera Browser 9.21
Opera Opera Browser 8.51
Opera Opera Browser 7.60
Opera Opera Browser 7.54
Opera Opera Browser 9.22
Opera Opera Browser 9.01
Opera Opera Browser 9.0
Opera Opera Browser 9.10
Opera Opera Browser 8.52
Opera Opera Browser 10.00
445
VMScore
CVE-2009-2577
Opera 9.52 and previous versions allows remote malicious users to cause a denial of service (CPU and memory consumption, and application hang) via a long Unicode string argument to the write method, a related issue to CVE-2009-2479.
Opera Opera Browser 7.23
Opera Opera Browser 9.02
Opera Opera Browser 7.53
Opera Opera Browser 8.50
Opera Opera Browser 9.51
Opera Opera Browser 8.53
Opera Opera Browser 9.12
Opera Opera Browser 8.0
Opera Opera Browser
Opera Opera Browser 8.54
Opera Opera Browser 8.02
Opera Opera Browser 9.20
Opera Opera Browser 9.21
Opera Opera Browser 8.51
Opera Opera Browser 7.60
Opera Opera Browser 7.54
Opera Opera Browser 9.22
Opera Opera Browser 9.01
Opera Opera Browser 9.0
Opera Opera Browser 9.10
Opera Opera Browser 8.52
Opera Opera Browser 8.01
445
VMScore
CVE-2009-3045
Opera prior to 10.00 trusts root X.509 certificates signed with the MD2 algorithm, which makes it easier for man-in-the-middle malicious users to spoof arbitrary SSL servers via a crafted server certificate.
Opera Opera Browser 7.23
Opera Opera Browser 9.02
Opera Opera Browser 7.53
Opera Opera Browser 8.50
Opera Opera Browser 9.51
Opera Opera Browser 8.53
Opera Opera Browser 9.12
Opera Opera Browser 8.0
Opera Opera Browser 8.54
Opera Opera Browser 8.02
Opera Opera Browser 9.20
Opera Opera Browser 9.21
Opera Opera Browser 8.51
Opera Opera Browser 9.64
Opera Opera Browser 7.60
Opera Opera Browser 7.54
Opera Opera Browser 9.22
Opera Opera Browser 9.01
Opera Opera Browser 9.0
Opera Opera Browser 9.10
Opera Opera Browser
Opera Opera Browser 8.52
383
VMScore
CVE-2009-3047
Opera prior to 10.00, when a collapsed address bar is used, does not properly update the domain name from the previously visited site to the currently visited site, which might allow remote malicious users to spoof URLs.
Opera Opera Browser 7.23
Opera Opera Browser 9.02
Opera Opera Browser 7.53
Opera Opera Browser 8.50
Opera Opera Browser 9.51
Opera Opera Browser 8.53
Opera Opera Browser 9.12
Opera Opera Browser 8.0
Opera Opera Browser 8.54
Opera Opera Browser 8.02
Opera Opera Browser 9.20
Opera Opera Browser 9.21
Opera Opera Browser 8.51
Opera Opera Browser 9.64
Opera Opera Browser 7.60
Opera Opera Browser 7.54
Opera Opera Browser 9.22
Opera Opera Browser 9.01
Opera Opera Browser 9.0
Opera Opera Browser 9.10
Opera Opera Browser
Opera Opera Browser 8.52
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5834
CVE-2024-30100
CVE-2024-4577
physical
dos
CVE-2024-30099
CVE-2024-27801
CVE-2024-32146
logic flaw
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »