Vulnerabilities > Improper Restriction of Rendered UI Layers or Frames
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-04-15 | CVE-2020-10951 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Westerndigital IBI and MY Cloud Home Western Digital My Cloud Home and ibi devices before 2.2.0 allow clickjacking on sign-in pages. | 4.7 |
| 2020-04-06 | CVE-2020-1728 | Improper Restriction of Rendered UI Layers or Frames vulnerability in multiple products A vulnerability was found in all versions of Keycloak where, the pages on the Admin Console area of the application are completely missing general HTTP security headers in HTTP-responses. | 5.4 |
| 2020-04-02 | CVE-2019-19001 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Hitachienergy Esoms 4.0/6.0/6.0.2 For ABB eSOMS versions 4.0 to 6.0.2, the X-Frame-Options header is not configured in HTTP response. | 6.5 |
| 2020-03-10 | CVE-2020-0051 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android 10.0 In onCreate of SettingsHomepageActivity, there is a possible tapjacking attack. | 7.8 |
| 2020-03-09 | CVE-2020-9517 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Microfocus Service Manager 9.50/9.60 There is an improper restriction of rendered UI layers or frames vulnerability in Micro Focus Service Manager Release Control versions 9.50 and 9.60. | 5.4 |
| 2020-02-27 | CVE-2015-5686 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Puppet Enterprise Parts of the Puppet Enterprise Console 3.x were found to be susceptible to clickjacking and CSRF (Cross-Site Request Forgery) attacks. | 8.8 |
| 2020-02-18 | CVE-2013-5594 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Mozilla Firefox Mozilla Firefox before 25 allows modification of anonymous content of pluginProblem.xml binding | 4.3 |
| 2020-02-13 | CVE-2020-0014 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android It is possible for a malicious application to construct a TYPE_TOAST window manually and make that window clickable. | 5.5 |
| 2020-02-11 | CVE-2016-5710 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Netapp Snap Creator Framework NetApp Snap Creator Framework before 4.3P1 allows remote authenticated users to conduct clickjacking attacks via unspecified vectors. | 4.6 |
| 2020-02-05 | CVE-2013-2682 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Cisco Linksys E4200 Firmware 1.0.05 Cisco Linksys E4200 1.0.05 Build 7 devices contain a Clickjacking Vulnerability which allows remote attackers to obtain sensitive information. | 4.3 |