Vulnerabilities > Improper Restriction of Rendered UI Layers or Frames
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-06-22 | CVE-2021-0537 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android 11.0 In onCreate of WiFiInstaller.java, there is a possible way to install a malicious Hotspot 2.0 configuration due to a tapjacking/overlay attack. | 7.3 |
| 2021-06-22 | CVE-2021-0538 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android 11.0 In onCreate of EmergencyCallbackModeExitDialog.java, there is a possible exit of emergency callback mode due to a tapjacking/overlay attack. | 7.3 |
| 2021-06-22 | CVE-2021-0569 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android 11.0 In onStart of ContactsDumpActivity.java, there is possible access to contacts due to a tapjacking/overlay attack. | 5.0 |
| 2021-06-21 | CVE-2021-0506 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android In ActivityPicker.java, there is a possible bypass of user interaction in intent resolution due to a tapjacking/overlay attack. | 7.3 |
| 2021-06-21 | CVE-2021-0523 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android 10.0/11.0 In onCreate of WifiScanModeActivity.java, there is a possible way to enable Wi-Fi scanning without user consent due to a tapjacking/overlay attack. | 7.3 |
| 2021-06-11 | CVE-2021-0487 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android 11.0 In onCreate of CalendarDebugActivity.java, there is a possible way to export calendar data to the sdcard without user consent due to a tapjacking/overlay attack. | 7.8 |
| 2021-05-14 | CVE-2021-22866 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Github Enterprise Server A UI misrepresentation vulnerability was identified in GitHub Enterprise Server that allowed more permissions to be granted during a GitHub App's user-authorization web flow than was displayed to the user during approval. | 8.8 |
| 2021-04-13 | CVE-2021-0446 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android 11.0 In ImportVCardActivity, there is a possible way to bypass user consent due to a tapjacking/overlay attack. | 7.3 |
| 2021-04-13 | CVE-2021-0438 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android 10.0/8.1/9.0 In several functions of InputDispatcher.cpp, WindowManagerService.java, and related files, there is a possible tapjacking attack due to an incorrect FLAG_OBSCURED value. | 7.8 |
| 2021-04-13 | CVE-2021-0433 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android In onCreate of DeviceChooserActivity.java, there is a possible way to bypass user consent when pairing a Bluetooth device due to a tapjacking/overlay attack. | 8.0 |