Vulnerabilities > Improper Restriction of Rendered UI Layers or Frames
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-02-26 | CVE-2021-23955 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Mozilla Firefox The browser could have been confused into transferring a pointer lock state into another tab, which could have lead to clickjacking attacks. | 6.1 |
| 2021-02-26 | CVE-2021-23976 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Mozilla Firefox When accepting a malicious intent from other installed apps, Firefox for Android accepted manifests from arbitrary file paths and allowed declaring webapp manifests for other origins. | 8.1 |
| 2021-02-18 | CVE-2021-27375 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Containous Traefik Traefik before 2.4.5 allows the loading of IFRAME elements from other domains. | 5.3 |
| 2021-02-10 | CVE-2021-0333 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android In onCreate of BluetoothPermissionActivity.java, there is a possible permissions bypass due to a tapjacking overlay that obscures the phonebook permissions dialog when a Bluetooth device is connecting. | 7.3 |
| 2021-02-10 | CVE-2021-0331 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android In onCreate of NotificationAccessConfirmationActivity.java, there is a possible overlay attack due to an insecure default value. | 7.3 |
| 2021-02-10 | CVE-2021-0314 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android 10.0/8.1/9.0 In onCreate of UninstallerActivity, there is a possible way to uninstall an all without informed user consent due to a tapjacking/overlay attack. | 7.3 |
| 2021-02-10 | CVE-2021-0305 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android 10.0/8.1/9.0 In PackageInstaller, there is a possible tapjacking attack due to an insecure default value. | 7.8 |
| 2021-02-10 | CVE-2021-0302 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android 10.0/8.1/9.0 In PackageInstaller, there is a possible tapjacking attack due to an insecure default value. | 7.8 |
| 2021-02-09 | CVE-2021-21444 | Improper Restriction of Rendered UI Layers or Frames vulnerability in SAP Businessobjects Business Intelligence 410/420/430 SAP Business Objects BI Platform, versions - 410, 420, 430, allows multiple X-Frame-Options headers entries in the response headers, which may not be predictably treated by all user agents. | 6.1 |
| 2021-02-09 | CVE-2021-21139 | Improper Restriction of Rendered UI Layers or Frames vulnerability in multiple products Inappropriate implementation in iframe sandbox in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. | 6.5 |