Vulnerabilities > Improper Restriction of Rendered UI Layers or Frames
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-10 | CVE-2018-19957 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Qnap Qts, Quts Hero and Qutscloud A vulnerability involving insufficient HTTP security headers has been reported to affect QNAP NAS running QTS, QuTS hero, and QuTScloud. | 6.1 |
| 2021-08-26 | CVE-2021-3734 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Yourls yourls is vulnerable to Improper Restriction of Rendered UI Layers or Frames | 8.8 |
| 2021-08-23 | CVE-2021-3731 | Improper Restriction of Rendered UI Layers or Frames vulnerability in multiple products LedgerSMB does not sufficiently guard against being wrapped by other sites, making it vulnerable to 'clickjacking'. | 4.7 |
| 2021-08-13 | CVE-2021-32070 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Mitel Micollab The MiCollab Client Service component in Mitel MiCollab before 9.3 could allow an attacker to perform a clickjacking attack due to an insecure header response. | 5.4 |
| 2021-08-09 | CVE-2021-37788 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Gurock Testrail 5.3.0.3603 A vulnerability in the web UI of Gurock TestRail v5.3.0.3603 could allow an unauthenticated, remote attacker to affect the integrity of a device via a clickjacking attack. | 5.4 |
| 2021-08-05 | CVE-2021-33596 | Improper Restriction of Rendered UI Layers or Frames vulnerability in F-Secure Safe Showing the legitimate URL in the address bar while loading the content from other domain. | 4.1 |
| 2021-07-26 | CVE-2021-20560 | Improper Restriction of Rendered UI Layers or Frames vulnerability in IBM Sterling Connect Direct User Interface 1.4.1.1/1.5.0.2 IBM Sterling Connect:Direct Browser User Interface 1.4.1.1 and 1.5.0.2 could allow a remote attacker to hijack the clicking action of the victim. | 5.4 |
| 2021-07-14 | CVE-2021-0586 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android In onCreate of DevicePickerFragment.java, there is a possible way to trick the user to select an unwanted bluetooth device due to a tapjacking/overlay attack. | 7.8 |
| 2021-07-14 | CVE-2021-0603 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android 11.0 In onCreate of ContactSelectionActivity.java, there is a possible way to get access to contacts without permission due to a tapjacking/overlay attack. | 7.8 |
| 2021-06-28 | CVE-2021-35300 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Zammad Text injection/Content Spoofing in 404 page in Zammad 1.0.x up to 4.0.0 could allow remote attackers to manipulate users into visiting the attackers' page. | 4.3 |