Vulnerabilities > Improper Restriction of Rendered UI Layers or Frames
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-12-15 | CVE-2021-1016 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android 12.0 In onCreate of UsbPermissionActivity.java, there is a possible way to grant an app access to USB without informed user consent due to a tapjacking/overlay attack. | 4.4 |
| 2021-12-15 | CVE-2021-1038 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android In UserDetailsActivity of AndroidManifest.xml, there is a possible DoS due to a tapjacking/overlay attack. | 4.7 |
| 2021-12-15 | CVE-2021-1039 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android In NotificationAccessActivity of AndroidManifest.xml, there is a possible EoP due to a tapjacking/overlay attack. | 6.9 |
| 2021-12-15 | CVE-2021-1040 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android In onCreate of BluetoothPairingSelectionFragment.java, there is a possible EoP due to a tapjacking/overlay attack. | 7.2 |
| 2021-12-13 | CVE-2021-39054 | Improper Restriction of Rendered UI Layers or Frames vulnerability in IBM Spectrum Copy Data Management IBM Spectrum Copy Data Management 2.2.13 and earlier could allow a remote attacker to hijack the clicking action of the victim. | 3.5 |
| 2021-12-10 | CVE-2021-40834 | Improper Restriction of Rendered UI Layers or Frames vulnerability in F-Secure Safe A user interface overlay vulnerability was discovered in F-secure SAFE Browser for Android. | 4.3 |
| 2021-12-08 | CVE-2021-38506 | Improper Restriction of Rendered UI Layers or Frames vulnerability in multiple products Through a series of navigations, Firefox could have entered fullscreen mode without notification or warning to the user. | 4.3 |
| 2021-12-08 | CVE-2021-38508 | Improper Restriction of Rendered UI Layers or Frames vulnerability in multiple products By displaying a form validity message in the correct location at the same time as a permission prompt (such as for geolocation), the validity message could have obscured the prompt, resulting in the user potentially being tricked into granting the permission. | 4.3 |
| 2021-12-08 | CVE-2021-38509 | Improper Restriction of Rendered UI Layers or Frames vulnerability in multiple products Due to an unusual sequence of attacker-controlled events, a Javascript alert() dialog with arbitrary (although unstyled) contents could be displayed over top an uncontrolled webpage of the attacker's choosing. | 4.3 |
| 2021-12-08 | CVE-2021-43546 | Improper Restriction of Rendered UI Layers or Frames vulnerability in multiple products It was possible to recreate previous cursor spoofing attacks against users with a zoomed native cursor. | 4.3 |