Vulnerabilities > Improper Restriction of Rendered UI Layers or Frames
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-05-20 | CVE-2021-27467 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Emerson products A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer. | 5.8 |
| 2021-05-14 | CVE-2021-22866 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Github Enterprise Server A UI misrepresentation vulnerability was identified in GitHub Enterprise Server that allowed more permissions to be granted during a GitHub App's user-authorization web flow than was displayed to the user during approval. | 8.8 |
| 2021-03-24 | CVE-2021-1403 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Cisco IOS XE A vulnerability in the web UI feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to conduct a cross-site WebSocket hijacking (CSWSH) attack and cause a denial of service (DoS) condition on an affected device. | 7.4 |
| 2021-03-23 | CVE-2021-23274 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Tibco products The Config UI component of TIBCO Software Inc.'s TIBCO API Exchange Gateway and TIBCO API Exchange Gateway Distribution for TIBCO Silver Fabric contains a vulnerability that theoretically allows an unauthenticated attacker with network access to execute a clickjacking attack on the affected system. | 9.8 |
| 2021-03-10 | CVE-2021-0386 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android 11.0 In onCreate of UsbConfirmActivity, there is a possible tapjacking vector due to an insecure default value. | 7.8 |
| 2021-03-10 | CVE-2021-0391 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android In onCreate() of ChooseTypeAndAccountActivity.java, there is a possible way to learn the existence of an account, without permissions, due to a tapjacking/overlay attack. | 7.8 |
| 2021-02-26 | CVE-2021-23955 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Mozilla Firefox The browser could have been confused into transferring a pointer lock state into another tab, which could have lead to clickjacking attacks. | 4.3 |
| 2021-02-26 | CVE-2021-23976 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Mozilla Firefox When accepting a malicious intent from other installed apps, Firefox for Android accepted manifests from arbitrary file paths and allowed declaring webapp manifests for other origins. | 5.8 |
| 2021-02-18 | CVE-2021-27375 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Containous Traefik Traefik before 2.4.5 allows the loading of IFRAME elements from other domains. | 5.0 |
| 2021-02-10 | CVE-2021-0333 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android In onCreate of BluetoothPermissionActivity.java, there is a possible permissions bypass due to a tapjacking overlay that obscures the phonebook permissions dialog when a Bluetooth device is connecting. | 6.9 |