Vulnerabilities > Improper Restriction of Rendered UI Layers or Frames
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-02-04 | CVE-2025-1018 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Mozilla Firefox The fullscreen notification is prematurely hidden when fullscreen is re-requested quickly by the user. | 5.3 |
| 2025-02-04 | CVE-2025-1019 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Mozilla Firefox The z-order of the browser windows could be manipulated to hide the fullscreen notification. | 4.3 |
| 2024-12-19 | CVE-2021-29827 | IBM InfoSphere Information Server 11.7 could allow a remote attacker to hijack the clicking action of the victim. low complexity CWE-1021 | 5.2 |
| 2024-11-14 | CVE-2024-7404 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Gitlab An issue was discovered in GitLab CE/EE affecting all versions starting from 17.2 prior to 17.3.7, starting from 17.4 prior to 17.4.4 and starting from 17.5 prior to 17.5.2, which could have allowed an attacker gaining full API access as the victim via the Device OAuth flow. | 6.5 |
| 2024-10-01 | CVE-2024-9397 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Mozilla Firefox A missing delay in directory upload UI could have made it possible for an attacker to trick a user into granting permission via clickjacking. | 6.1 |
| 2024-08-15 | CVE-2024-34743 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android 14.0 In setTransactionState of SurfaceFlinger.cpp, there is a possible way to perform tapjacking due to a logic error in the code. | 7.8 |
| 2024-07-30 | CVE-2024-39320 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Discourse Discourse is an open source discussion platform. | 6.1 |
| 2024-07-29 | CVE-2024-40817 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Apple Macos The issue was addressed with improved UI handling. | 6.1 |
| 2024-07-16 | CVE-2023-7013 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Chrome Inappropriate implementation in Compositing in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to potentially spoof security UI via a crafted HTML page. | 4.7 |
| 2024-07-09 | CVE-2024-31323 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android 14.0 In onCreate of multiple files, there is a possible way to trick the user into granting health permissions due to tapjacking. | 7.8 |