Vulnerabilities > Improper Restriction of Rendered UI Layers or Frames
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-03-24 | CVE-2021-1403 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Cisco IOS XE A vulnerability in the web UI feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to conduct a cross-site WebSocket hijacking (CSWSH) attack and cause a denial of service (DoS) condition on an affected device. | 7.4 |
| 2021-03-23 | CVE-2021-23274 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Tibco products The Config UI component of TIBCO Software Inc.'s TIBCO API Exchange Gateway and TIBCO API Exchange Gateway Distribution for TIBCO Silver Fabric contains a vulnerability that theoretically allows an unauthenticated attacker with network access to execute a clickjacking attack on the affected system. | 9.8 |
| 2021-03-10 | CVE-2021-0386 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android 11.0 In onCreate of UsbConfirmActivity, there is a possible tapjacking vector due to an insecure default value. | 7.8 |
| 2021-03-10 | CVE-2021-0391 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android In onCreate() of ChooseTypeAndAccountActivity.java, there is a possible way to learn the existence of an account, without permissions, due to a tapjacking/overlay attack. | 7.8 |
| 2021-02-26 | CVE-2021-23955 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Mozilla Firefox The browser could have been confused into transferring a pointer lock state into another tab, which could have lead to clickjacking attacks. | 6.1 |
| 2021-02-26 | CVE-2021-23976 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Mozilla Firefox When accepting a malicious intent from other installed apps, Firefox for Android accepted manifests from arbitrary file paths and allowed declaring webapp manifests for other origins. | 8.1 |
| 2021-02-18 | CVE-2021-27375 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Containous Traefik Traefik before 2.4.5 allows the loading of IFRAME elements from other domains. | 5.3 |
| 2021-02-10 | CVE-2021-0333 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android In onCreate of BluetoothPermissionActivity.java, there is a possible permissions bypass due to a tapjacking overlay that obscures the phonebook permissions dialog when a Bluetooth device is connecting. | 7.3 |
| 2021-02-10 | CVE-2021-0331 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android In onCreate of NotificationAccessConfirmationActivity.java, there is a possible overlay attack due to an insecure default value. | 7.3 |
| 2021-02-10 | CVE-2021-0314 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android 10.0/8.1/9.0 In onCreate of UninstallerActivity, there is a possible way to uninstall an all without informed user consent due to a tapjacking/overlay attack. | 7.3 |