Show filters
9 Total Results
Displaying 1-9 of 9
Sort by:
Attacker Value
Unknown

CVE-2014-1870

Disclosure Date: February 06, 2014 (last updated October 05, 2023)
Opera before 19 on Mac OS X allows user-assisted remote attackers to spoof the address bar via vectors involving a drag-and-drop operation.
0
Attacker Value
Unknown

CVE-2014-0815

Disclosure Date: February 06, 2014 (last updated October 05, 2023)
The intent: URL implementation in Opera before 18 on Android allows attackers to read local files by leveraging an interaction error, as demonstrated by reading stored cookies.
0
Attacker Value
Unknown

CVE-2013-4705

Disclosure Date: September 13, 2013 (last updated October 05, 2023)
Cross-site scripting (XSS) vulnerability in Opera before 15.00 allows remote attackers to inject arbitrary web script or HTML by leveraging UTF-8 encoding.
0
Attacker Value
Unknown

CVE-2013-3211

Disclosure Date: April 19, 2013 (last updated October 05, 2023)
Unspecified vulnerability in Opera before 12.15 has unknown impact and attack vectors, related to a "moderately severe issue."
0
Attacker Value
Unknown

CVE-2013-3210

Disclosure Date: April 19, 2013 (last updated October 05, 2023)
Opera before 12.15 does not properly block top-level domains in Set-Cookie headers, which allows remote attackers to obtain sensitive information by leveraging control of a different web site in the same top-level domain.
0
Attacker Value
Unknown

CVE-2013-1618

Disclosure Date: February 08, 2013 (last updated October 05, 2023)
The TLS implementation in Opera before 12.13 does not properly consider timing side-channel attacks on a MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169.
0
Attacker Value
Unknown

CVE-2013-1639

Disclosure Date: February 08, 2013 (last updated October 05, 2023)
Opera before 12.13 does not send CORS preflight requests in all required cases, which allows remote attackers to bypass a CSRF protection mechanism via a crafted web site that triggers a CORS request.
0
Attacker Value
Unknown

CVE-2013-1638

Disclosure Date: February 08, 2013 (last updated October 05, 2023)
Opera before 12.13 allows remote attackers to execute arbitrary code via crafted clipPaths in an SVG document.
0
Attacker Value
Unknown

CVE-2013-1637

Disclosure Date: February 08, 2013 (last updated October 05, 2023)
Opera before 12.13 allows remote attackers to execute arbitrary code via vectors involving DOM events.
0