Vulnerabilities > Improper Restriction of Rendered UI Layers or Frames
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-09-16 | CVE-2019-16371 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Logmein Lastpass LogMeIn LastPass before 4.33.0 allows attackers to construct a crafted web site that captures the credentials for a victim's account on a previously visited web site, because do_popupregister can be bypassed via clickjacking. | 8.2 |
| 2019-09-09 | CVE-2019-16175 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Limesurvey A clickjacking vulnerability was found in Limesurvey before 3.17.14. | 4.3 |
| 2019-08-20 | CVE-2019-2125 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android In ChangeDefaultDialerDialog.java, there is a possible escalation of privilege due to an overlay attack. | 7.3 |
| 2019-08-14 | CVE-2019-3639 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Mcafee web Gateway Clickjack vulnerability in Adminstrator web console in McAfee Web Gateway (MWG) 7.8.2.x prior to 7.8.2.12 allows remote attackers to conduct clickjacking attacks via a crafted web page that contains an iframe via does not send an X-Frame-Options HTTP header. | 7.1 |
| 2019-07-30 | CVE-2019-4285 | Improper Restriction of Rendered UI Layers or Frames vulnerability in IBM Websphere Application Server IBM WebSphere Application Server - Liberty Admin Center could allow a remote attacker to hijack the clicking action of the victim. | 5.4 |
| 2019-07-18 | CVE-2019-3794 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Pivotal Software Cloud Foundry UAA Cloud Foundry UAA, versions prior to v73.4.0, does not set an X-FRAME-OPTIONS header on various endpoints. | 5.4 |
| 2019-07-09 | CVE-2019-9147 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Mailvelope Mailvelope prior to 3.1.0 is vulnerable to a clickjacking attack against the settings page. | 4.3 |
| 2019-06-24 | CVE-2019-12880 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Bcnquark Quarking Password Manager 3.1.84 BCN Quark Quarking Password Manager 3.1.84 suffers from a clickjacking vulnerability caused by allowing * within web_accessible_resources. | 4.3 |
| 2019-06-12 | CVE-2019-0305 | Improper Restriction of Rendered UI Layers or Frames vulnerability in SAP Netweaver Process Integration Java Server Pages (JSPs) provided by the SAP NetWeaver Process Integration (SAP_XIESR and SAP_XITOOL: 7.10 to 7.11, 7.20, 7.30, 7.31, 7.40, 7.50) do not restrict or incorrectly restrict frame objects or UI layers that belong to another application or domain, resulting in Clickjacking vulnerability. | 4.3 |
| 2019-06-10 | CVE-2019-5243 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Huawei Hg255S Firmware There is a Clickjacking vulnerability in Huawei HG255s product. | 4.3 |