Vulnerabilities > Improper Restriction of Rendered UI Layers or Frames
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-02-09 | CVE-2021-21132 | Improper Restriction of Rendered UI Layers or Frames vulnerability in multiple products Inappropriate implementation in DevTools in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially perform a sandbox escape via a crafted Chrome Extension. | 9.6 |
| 2021-01-27 | CVE-2020-4547 | Improper Restriction of Rendered UI Layers or Frames vulnerability in IBM products IBM Jazz Foundation products could allow a remote attacker to hijack the clicking action of the victim. | 5.4 |
| 2021-01-11 | CVE-2021-0315 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android In onCreate of GrantCredentialsPermissionActivity.java, there is a possible way to convince the user to grant an app access to an account due to a tapjacking/overlay attack. | 7.3 |
| 2021-01-11 | CVE-2020-27059 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android In onAuthenticated of AuthenticationClient.java, there is a possible tapjacking attack when requesting the user's fingerprint due to an overlaid window. | 7.8 |
| 2021-01-08 | CVE-2021-21111 | Improper Restriction of Rendered UI Layers or Frames vulnerability in multiple products Insufficient policy enforcement in WebUI in Google Chrome prior to 87.0.4280.141 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension. | 9.6 |
| 2021-01-08 | CVE-2020-5020 | Improper Restriction of Rendered UI Layers or Frames vulnerability in IBM Spectrum Protect Plus IBM Spectrum Protect Plus 10.1.0 through 10.1.6 could allow a remote attacker to hijack the clicking action of the victim. | 6.1 |
| 2021-01-08 | CVE-2020-16033 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Chrome Inappropriate implementation in WebUSB in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to spoof security UI via a crafted HTML page. | 4.3 |
| 2021-01-08 | CVE-2020-16032 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Chrome Insufficient data validation in sharing in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. | 4.3 |
| 2021-01-08 | CVE-2020-16031 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Chrome Insufficient data validation in UI in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. | 4.3 |
| 2020-12-29 | CVE-2020-35735 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Vidyo Vidyo 02-09-/D allows clickjacking via the portal/ URI. | 4.7 |