Vulnerabilities > Improper Restriction of Rendered UI Layers or Frames
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-11 | CVE-2024-5698 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Mozilla Firefox By manipulating the fullscreen feature while opening a data-list, an attacker could have overlaid a text box over the address bar. | 6.1 |
| 2024-05-15 | CVE-2024-4950 | Improper Restriction of Rendered UI Layers or Frames vulnerability in multiple products Inappropriate implementation in Downloads in Google Chrome prior to 125.0.6422.60 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. | 6.5 |
| 2024-02-20 | CVE-2024-1550 | Improper Restriction of Rendered UI Layers or Frames vulnerability in multiple products A malicious website could have used a combination of exiting fullscreen mode and `requestPointerLock` to cause the user's mouse to be re-positioned unexpectedly, which could have led to user confusion and inadvertently granting permissions they did not intend to grant. | 6.1 |
| 2024-02-10 | CVE-2023-45698 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Hcltech Sametime Chat and Meetings Sametime is impacted by lack of clickjacking protection in Outlook add-in. | 6.1 |
| 2024-02-06 | CVE-2024-20810 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Samsung Android 12.0/13.0 Implicit intent hijacking vulnerability in Smart Suggestions prior to SMR Feb-2024 Release 1 allows local attackers to get sensitive information. | 3.3 |
| 2024-01-10 | CVE-2022-32919 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Apple Ipados The issue was addressed with improved UI handling. | 4.7 |
| 2023-12-31 | CVE-2023-6093 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Moxa Oncell G3150A-Lte Firmware 1.3 A clickjacking vulnerability has been identified in OnCell G3150A-LTE Series firmware versions v1.3 and prior. | 6.1 |
| 2023-12-19 | CVE-2023-6867 | Improper Restriction of Rendered UI Layers or Frames vulnerability in multiple products The timing of a button click causing a popup to disappear was approximately the same length as the anti-clickjacking delay on permission prompts. | 6.1 |
| 2023-11-30 | CVE-2023-2265 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Selinc Sel-411L Firmware An Improper Restriction of Rendered UI Layers or Frames in the Schweitzer Engineering Laboratories SEL-411L could allow an unauthenticated attacker to perform clickjacking based attacks against an authenticated and authorized user. See product Instruction Manual Appendix A dated 20230830 for more details. | 6.1 |
| 2023-11-21 | CVE-2023-6206 | Improper Restriction of Rendered UI Layers or Frames vulnerability in multiple products The black fade animation when exiting fullscreen is roughly the length of the anti-clickjacking delay on permission prompts. | 5.4 |