Opera

Opera Browser

282 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5

CVE-2010-4585

  • EPSS 0.89%
  • Veröffentlicht 22.12.2010 03:00:03
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Unspecified vulnerability in the auto-update functionality in Opera before 11.00 allows remote attackers to cause a denial of service (application crash) by triggering an Opera Unite update.

10

CVE-2010-4586

  • EPSS 0.46%
  • Veröffentlicht 22.12.2010 03:00:03
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The default configuration of Opera before 11.00 enables WebSockets functionality, which has unspecified impact and remote attack vectors, possibly a related issue to CVE-2010-4508.

9.3

CVE-2010-4587

  • EPSS 0.57%
  • Veröffentlicht 22.12.2010 03:00:03
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Opera before 11.00 on Windows does not properly implement the Insecure Third Party Module warning message, which might make it easier for user-assisted remote attackers to have an unspecified impact via a crafted module.

4.3

CVE-2010-4043

  • EPSS 0.92%
  • Veröffentlicht 21.10.2010 19:00:05
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Opera before 10.63 does not prevent interpretation of a cross-origin document as a CSS stylesheet when the document lacks a CSS token sequence, which allows remote attackers to obtain sensitive information via a crafted document.

4.3

CVE-2010-4044

  • EPSS 0.74%
  • Veröffentlicht 21.10.2010 19:00:05
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Opera before 10.63 does not ensure that the portion of a URL shown in the Address Bar contains the beginning of the URL, which allows remote attackers to spoof URLs by changing a window's size.

9.3

CVE-2010-4045

  • EPSS 4.52%
  • Veröffentlicht 21.10.2010 19:00:05
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Opera before 10.63 does not properly restrict web script in unspecified circumstances involving reloads and redirects, which allows remote attackers to spoof the Address Bar, conduct cross-site scripting (XSS) attacks, and possibly execute arbitrary ...

4.3

CVE-2010-4046

  • EPSS 0.78%
  • Veröffentlicht 21.10.2010 19:00:05
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Opera before 10.63 does not properly verify the origin of video content, which allows remote attackers to obtain sensitive information by using a video stream as HTML5 canvas content.

4.3

CVE-2010-4047

  • EPSS 0.5%
  • Veröffentlicht 21.10.2010 19:00:05
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Opera before 10.63 does not properly select the security context of JavaScript code associated with an error page, which allows user-assisted remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web site.

4.3

CVE-2010-4048

  • EPSS 0.37%
  • Veröffentlicht 21.10.2010 19:00:05
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Opera before 10.63 allows user-assisted remote web servers to cause a denial of service (application crash) by sending a redirect during the saving of a file.

4.3

CVE-2010-4049

  • EPSS 0.69%
  • Veröffentlicht 21.10.2010 19:00:05
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Opera before 10.63 allows remote attackers to cause a denial of service (application crash) via a Flash movie with a transparent Window Mode (aka wmode) property, which is not properly handled during navigation away from the containing HTML document.