Vulnerabilities > Improper Restriction of Rendered UI Layers or Frames
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-12-15 | CVE-2021-0992 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android 12.0 In onCreate of PaymentDefaultDialog.java, there is a possible way to change a default payment app without user consent due to tapjack overlay. | 3.3 |
| 2021-12-15 | CVE-2021-1006 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android 12.0 In several functions of DatabaseManager.java, there is a possible leak of Bluetooth MAC addresses due to log information disclosure. | 4.4 |
| 2021-12-15 | CVE-2021-1016 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android 12.0 In onCreate of UsbPermissionActivity.java, there is a possible way to grant an app access to USB without informed user consent due to a tapjacking/overlay attack. | 7.3 |
| 2021-12-15 | CVE-2021-1038 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android In UserDetailsActivity of AndroidManifest.xml, there is a possible DoS due to a tapjacking/overlay attack. | 5.5 |
| 2021-12-15 | CVE-2021-1039 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android In NotificationAccessActivity of AndroidManifest.xml, there is a possible EoP due to a tapjacking/overlay attack. | 7.8 |
| 2021-12-15 | CVE-2021-1040 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android In onCreate of BluetoothPairingSelectionFragment.java, there is a possible EoP due to a tapjacking/overlay attack. | 7.8 |
| 2021-12-13 | CVE-2021-39054 | Improper Restriction of Rendered UI Layers or Frames vulnerability in IBM Spectrum Copy Data Management 2.2.0.0/2.2.13 IBM Spectrum Copy Data Management 2.2.13 and earlier could allow a remote attacker to hijack the clicking action of the victim. | 5.4 |
| 2021-12-10 | CVE-2021-40834 | Improper Restriction of Rendered UI Layers or Frames vulnerability in F-Secure Safe 17.9 A user interface overlay vulnerability was discovered in F-secure SAFE Browser for Android. | 4.3 |
| 2021-12-08 | CVE-2021-38506 | Improper Restriction of Rendered UI Layers or Frames vulnerability in multiple products Through a series of navigations, Firefox could have entered fullscreen mode without notification or warning to the user. | 4.3 |
| 2021-12-08 | CVE-2021-38508 | Improper Restriction of Rendered UI Layers or Frames vulnerability in multiple products By displaying a form validity message in the correct location at the same time as a permission prompt (such as for geolocation), the validity message could have obscured the prompt, resulting in the user potentially being tricked into granting the permission. | 4.3 |