Vulnerabilities > Improper Restriction of Rendered UI Layers or Frames
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-12-15 | CVE-2021-1038 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android In UserDetailsActivity of AndroidManifest.xml, there is a possible DoS due to a tapjacking/overlay attack. | 5.5 |
| 2021-12-15 | CVE-2021-1039 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android In NotificationAccessActivity of AndroidManifest.xml, there is a possible EoP due to a tapjacking/overlay attack. | 7.8 |
| 2021-12-15 | CVE-2021-1040 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android In onCreate of BluetoothPairingSelectionFragment.java, there is a possible EoP due to a tapjacking/overlay attack. | 7.8 |
| 2021-12-13 | CVE-2021-39054 | Improper Restriction of Rendered UI Layers or Frames vulnerability in IBM Spectrum Copy Data Management 2.2.0.0/2.2.13 IBM Spectrum Copy Data Management 2.2.13 and earlier could allow a remote attacker to hijack the clicking action of the victim. | 5.4 |
| 2021-12-10 | CVE-2021-40834 | Improper Restriction of Rendered UI Layers or Frames vulnerability in F-Secure Safe 17.9 A user interface overlay vulnerability was discovered in F-secure SAFE Browser for Android. | 4.3 |
| 2021-12-08 | CVE-2021-38506 | Improper Restriction of Rendered UI Layers or Frames vulnerability in multiple products Through a series of navigations, Firefox could have entered fullscreen mode without notification or warning to the user. | 4.3 |
| 2021-12-08 | CVE-2021-38508 | Improper Restriction of Rendered UI Layers or Frames vulnerability in multiple products By displaying a form validity message in the correct location at the same time as a permission prompt (such as for geolocation), the validity message could have obscured the prompt, resulting in the user potentially being tricked into granting the permission. | 4.3 |
| 2021-12-08 | CVE-2021-38509 | Improper Restriction of Rendered UI Layers or Frames vulnerability in multiple products Due to an unusual sequence of attacker-controlled events, a Javascript alert() dialog with arbitrary (although unstyled) contents could be displayed over top an uncontrolled webpage of the attacker's choosing. | 4.3 |
| 2021-12-08 | CVE-2021-43546 | Improper Restriction of Rendered UI Layers or Frames vulnerability in multiple products It was possible to recreate previous cursor spoofing attacks against users with a zoomed native cursor. | 4.3 |
| 2021-11-16 | CVE-2021-43048 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Tibco Partnerexpress The Interior Server and Gateway Server components of TIBCO Software Inc.'s TIBCO PartnerExpress contain a vulnerability that theoretically allows an unauthenticated attacker with network access to execute a clickjacking attack on the affected system. | 9.8 |