Vulnerabilities > Improper Restriction of Rendered UI Layers or Frames
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-10-12 | CVE-2021-27003 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Netapp Clustered Data Ontap Clustered Data ONTAP versions prior to 9.5P18, 9.6P15, 9.7P14, 9.8P5 and 9.9.1 are missing an X-Frame-Options header which could allow a clickjacking attack. | 4.7 |
| 2021-10-11 | CVE-2021-0583 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android 10.0/9.0 In onCreate of BluetoothPairingDialog, there is a possible way to enable Bluetooth without user consent due to a tapjacking/overlay attack. | 7.3 |
| 2021-10-08 | CVE-2021-37971 | Improper Restriction of Rendered UI Layers or Frames vulnerability in multiple products Incorrect security UI in Web Browser UI in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. | 4.3 |
| 2021-10-06 | CVE-2021-0598 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android In onCreate of ConfirmConnectActivity.java, there is a possible pairing of untrusted Bluetooth devices due to a tapjacking/overlay attack. | 7.3 |
| 2021-09-27 | CVE-2021-3799 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Getgrav Grav-Plugin-Admin grav-plugin-admin is vulnerable to Improper Restriction of Rendered UI Layers or Frames | 5.4 |
| 2021-09-10 | CVE-2018-19957 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Qnap Qts, Quts Hero and Qutscloud A vulnerability involving insufficient HTTP security headers has been reported to affect QNAP NAS running QTS, QuTS hero, and QuTScloud. | 6.1 |
| 2021-08-26 | CVE-2021-3734 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Yourls yourls is vulnerable to Improper Restriction of Rendered UI Layers or Frames | 8.8 |
| 2021-08-23 | CVE-2021-3731 | Improper Restriction of Rendered UI Layers or Frames vulnerability in multiple products LedgerSMB does not sufficiently guard against being wrapped by other sites, making it vulnerable to 'clickjacking'. | 4.7 |
| 2021-08-13 | CVE-2021-32070 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Mitel Micollab The MiCollab Client Service component in Mitel MiCollab before 9.3 could allow an attacker to perform a clickjacking attack due to an insecure header response. | 5.4 |
| 2021-08-09 | CVE-2021-37788 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Gurock Testrail 5.3.0.3603 A vulnerability in the web UI of Gurock TestRail v5.3.0.3603 could allow an unauthenticated, remote attacker to affect the integrity of a device via a clickjacking attack. | 5.4 |