Vulnerabilities > Improper Restriction of Rendered UI Layers or Frames
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-12-19 | CVE-2021-29827 | IBM InfoSphere Information Server 11.7 could allow a remote attacker to hijack the clicking action of the victim. low complexity CWE-1021 | 5.2 |
| 2024-11-14 | CVE-2024-7404 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Gitlab An issue was discovered in GitLab CE/EE affecting all versions starting from 17.2 prior to 17.3.7, starting from 17.4 prior to 17.4.4 and starting from 17.5 prior to 17.5.2, which could have allowed an attacker gaining full API access as the victim via the Device OAuth flow. | 6.5 |
| 2024-10-01 | CVE-2024-9397 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Mozilla Firefox A missing delay in directory upload UI could have made it possible for an attacker to trick a user into granting permission via clickjacking. | 6.1 |
| 2024-08-15 | CVE-2024-34743 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android 14.0 In setTransactionState of SurfaceFlinger.cpp, there is a possible way to perform tapjacking due to a logic error in the code. | 7.8 |
| 2024-07-30 | CVE-2024-39320 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Discourse Discourse is an open source discussion platform. | 6.1 |
| 2024-07-29 | CVE-2024-40817 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Apple Macos The issue was addressed with improved UI handling. | 6.1 |
| 2024-07-16 | CVE-2023-7013 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Chrome Inappropriate implementation in Compositing in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to potentially spoof security UI via a crafted HTML page. | 4.7 |
| 2024-07-09 | CVE-2024-31323 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android 14.0 In onCreate of multiple files, there is a possible way to trick the user into granting health permissions due to tapjacking. | 7.8 |
| 2024-07-09 | CVE-2024-31324 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android In hide of WindowState.java, there is a possible way to bypass tapjacking/overlay protection by launching the activity in portrait mode first and then rotating it to landscape mode. | 7.3 |
| 2024-07-09 | CVE-2024-2177 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Gitlab A Cross Window Forgery vulnerability exists within GitLab CE/EE affecting all versions from 16.3 prior to 16.11.5, 17.0 prior to 17.0.3, and 17.1 prior to 17.1.1. | 6.8 |