Vulnerabilities > Improper Restriction of Rendered UI Layers or Frames
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-09-18 | CVE-2019-1975 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Cisco products A vulnerability in the web-based interface of Cisco HyperFlex Software could allow an unauthenticated, remote attacker to execute a cross-frame scripting (XFS) attack on an affected device. | 6.1 |
| 2019-09-17 | CVE-2019-4086 | Improper Restriction of Rendered UI Layers or Frames vulnerability in IBM Application Performance Management 8.1.4 IBM Cloud Application Performance Management 8.1.4 could allow a remote attacker to hijack the clicking action of the victim. | 6.1 |
| 2019-09-16 | CVE-2019-16371 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Logmein Lastpass LogMeIn LastPass before 4.33.0 allows attackers to construct a crafted web site that captures the credentials for a victim's account on a previously visited web site, because do_popupregister can be bypassed via clickjacking. | 8.2 |
| 2019-09-09 | CVE-2019-16175 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Limesurvey A clickjacking vulnerability was found in Limesurvey before 3.17.14. | 4.3 |
| 2019-08-20 | CVE-2019-2125 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android In ChangeDefaultDialerDialog.java, there is a possible escalation of privilege due to an overlay attack. | 7.3 |
| 2019-08-14 | CVE-2019-3639 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Mcafee web Gateway Clickjack vulnerability in Adminstrator web console in McAfee Web Gateway (MWG) 7.8.2.x prior to 7.8.2.12 allows remote attackers to conduct clickjacking attacks via a crafted web page that contains an iframe via does not send an X-Frame-Options HTTP header. | 7.1 |
| 2019-07-30 | CVE-2019-4285 | Improper Restriction of Rendered UI Layers or Frames vulnerability in IBM Websphere Application Server IBM WebSphere Application Server - Liberty Admin Center could allow a remote attacker to hijack the clicking action of the victim. | 5.4 |
| 2019-07-18 | CVE-2019-3794 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Pivotal Software Cloud Foundry UAA Cloud Foundry UAA, versions prior to v73.4.0, does not set an X-FRAME-OPTIONS header on various endpoints. | 5.4 |
| 2019-07-09 | CVE-2019-9147 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Mailvelope Mailvelope prior to 3.1.0 is vulnerable to a clickjacking attack against the settings page. | 4.3 |
| 2019-06-24 | CVE-2019-12880 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Bcnquark Quarking Password Manager 3.1.84 BCN Quark Quarking Password Manager 3.1.84 suffers from a clickjacking vulnerability caused by allowing * within web_accessible_resources. | 4.3 |