Unspecified vulnerability in Opera before 9.64 has unknown impact and attack vectors, related to a "moderately severe issue."

Opera before 9.64 allows remote attackers to execute arbitrary code via a crafted JPEG image that triggers memory corruption.

Opera before 9.64 allows remote attackers to conduct cross-domain scripting attacks via unspecified vectors related to plug-ins.

Unspecified vulnerability in the TYPO3 Simple File Browser (simplefilebrowser) extension 1.0.2 and earlier allows remote attackers to obtain sensitive information via unknown attack vectors.

The web browser in Symbian OS on the Nokia N95 cell phone allows remote attackers to cause a denial of service (crash) via JavaScript code that calls the setAttributeNode method.

Multiple buffer overflows in the CheckUniqueName function in W3C Amaya Web Browser 10.0.1, and possibly other versions including 11.0.1, might allow remote attackers to execute arbitrary code via "duplicated" attribute value inputs.

Unspecified vulnerability in Opera before 9.63 allows remote attackers to "reveal random data" via unknown vectors.

Multiple buffer overflows in Opera before 9.63 might allow (1) remote attackers to execute arbitrary code via a crafted text area, or allow (2) user-assisted remote attackers to execute arbitrary code via a long host name in a file: URL. NOTE: this might overlap CVE-2008-5178.

Cross-site scripting (XSS) vulnerability in Opera before 9.63 allows remote attackers to inject arbitrary web script or HTML via built-in XSLT templates.

Opera before 9.63 does not block unspecified "scripted URLs" during the feed preview, which allows remote attackers to read existing subscriptions and force subscriptions to arbitrary feed URLs.