Page 30 of 271 results (0.010 seconds)

CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0

Opera 10.50 allows remote attackers to obtain sensitive information via crafted XSLT constructs, which cause Opera to return cached contents of other pages. Opera v10.50 permite a atacantes remotos obtener información a través de construcciones XSLT manipuladas, lo que provoca devuelva contenidos cacheados de otras páginas. • http://secunia.com/advisories/38820 http://www.opera.com/docs/changelogs/windows/1051 http://www.opera.com/support/kb/view/949 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 5.8EPSS: 0%CPEs: 29EXPL: 0

Opera before 10.10, when exception stacktraces are enabled, places scripting error messages from a web site into variables that can be read by a different web site, which allows remote attackers to obtain sensitive information or conduct cross-site scripting (XSS) attacks via unspecified vectors. Opera anterior v.10.10, cuando las stacktraces excepcionales son activadas, sitúa mensajes de error de código desde un sitio web en variables que pueden ser leídos por diferentes sitios web, permitiendo a atacantes remotos obtener información sensible o conducir un ataque de secuencias de comandos en sitios cruzados (XSS) a través de vectores no especificados. • http://osvdb.org/60527 http://secunia.com/advisories/37469 http://www.opera.com/docs/changelogs/mac/1010 http://www.opera.com/docs/changelogs/unix/1010 http://www.opera.com/docs/changelogs/windows/1010 http://www.opera.com/support/kb/view/941 http://www.securityfocus.com/bid/37089 http://www.vupen.com/english/advisories/2009/3297 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6385 • CWE-16: Configuration •

CVSS: 10.0EPSS: 0%CPEs: 28EXPL: 0

Unspecified vulnerability in Opera before 10.10 has unknown impact and attack vectors, related to a "moderately severe issue." Vulnerabilidad no esperada en Opera anterior v.10.10 tiene un impacto y vectores de ataque desconocidos, relacionados con un "asunto moderadamente severo." • http://osvdb.org/60528 http://secunia.com/advisories/37469 http://www.opera.com/docs/changelogs/mac/1010 http://www.opera.com/docs/changelogs/unix/1010 http://www.opera.com/docs/changelogs/windows/1010 http://www.securityfocus.com/bid/37089 http://www.vupen.com/english/advisories/2009/3297 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6543 •

CVSS: 9.3EPSS: 3%CPEs: 2EXPL: 0

Opera before 10.01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted domain name. Opera v10.01 permite a atacantes remotos ejecutar código arbitrario o producir una denegación de servicio (corrupción de memoria y caída de aplicación) a través de un nombre de dominio manipulado. • http://secunia.com/advisories/37182 http://www.opera.com/docs/changelogs/mac/1001 http://www.opera.com/docs/changelogs/unix/1001 http://www.opera.com/docs/changelogs/windows/1001 http://www.opera.com/support/kb/view/938 http://www.osvdb.org/59357 http://www.securityfocus.com/bid/36850 http://www.vupen.com/english/advisories/2009/3073 https://exchange.xforce.ibmcloud.com/vulnerabilities/54020 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval% • CWE-787: Out-of-bounds Write •

CVSS: 5.8EPSS: 0%CPEs: 2EXPL: 0

Opera before 10.01 on Windows does not prevent use of Web fonts in rendering the product's own user interface, which allows remote attackers to spoof the address field via a crafted web site. Opera en versiones anteriores a v10.01 corriendo sobre Windows no previene el uso de fuentes web en el renderizado de la interfaz de usuario, lo que permite a atacantes remotos falsificar el campo "dirección" a través de una pagina web manipulada. • http://secunia.com/advisories/37182 http://www.opera.com/docs/changelogs/windows/1001 http://www.opera.com/support/kb/view/940 http://www.osvdb.org/59359 http://www.securityfocus.com/bid/36850 http://www.vupen.com/english/advisories/2009/3073 https://exchange.xforce.ibmcloud.com/vulnerabilities/54022 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6384 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •