Vulnerabilities > Improper Restriction of Rendered UI Layers or Frames
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-05-17 | CVE-2017-4015 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Mcafee Network Data Loss Prevention 9.3.0 Clickjacking vulnerability in the server in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows remote authenticated users to inject arbitrary web script or HTML via HTTP response header. | 4.5 |
| 2017-05-02 | CVE-2017-7440 | Improper Restriction of Rendered UI Layers or Frames vulnerability in GFI Kerio Connect and Kerio Connect Client Kerio Connect 8.0.0 through 9.2.2, and Kerio Connect Client desktop application for Windows and Mac 9.2.0 through 9.2.2, when e-mail preview is enabled, allows remote attackers to conduct clickjacking attacks via a crafted e-mail message. | 6.5 |
| 2017-03-08 | CVE-2017-0492 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android 7.0/7.1.0/7.1.1 An elevation of privilege vulnerability in the System UI could enable a local malicious application to create a UI overlay covering the entire screen. | 5.5 |
| 2017-02-17 | CVE-2017-5026 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Chrome Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, failed to prevent alerts from being displayed by swapped out frames, which allowed a remote attacker to show alerts on a page they don't control via a crafted HTML page. | 4.3 |
| 2017-02-17 | CVE-2017-5016 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Chrome Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, failed to prevent certain UI elements from being displayed by non-visible pages, which allowed a remote attacker to show certain UI elements on a page they don't control via a crafted HTML page. | 6.5 |
| 2016-06-13 | CVE-2016-2496 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android 6.0/6.0.1 The Framework UI permission-dialog implementation in Android 6.x before 2016-06-01 allows attackers to conduct tapjacking attacks and access arbitrary private-storage files by creating a partially overlapping window, aka internal bug 26677796. | 9.8 |