Vulnerabilities > Improper Restriction of Rendered UI Layers or Frames
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-26 | CVE-2023-20913 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android In onCreate of PhoneAccountSettingsActivity.java and related files, there is a possible way to mislead the user into enabling a malicious phone account due to a tapjacking/overlay attack. | 7.8 |
| 2023-01-26 | CVE-2022-20213 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android 10.0/11.0/12.0 In ApplicationsDetailsActivity of AndroidManifest.xml, there is a possible DoS due to a tapjacking/overlay attack. | 5.5 |
| 2023-01-26 | CVE-2022-20214 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android 10.0/11.0/12.0 In Car Settings app, the toggle button in Modify system settings is vulnerable to tapjacking attack. | 4.7 |
| 2023-01-26 | CVE-2022-20215 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android 10.0/11.0/12.0 In onCreate of MasterClearConfirmFragment.java, there is a possible factory reset due to a tapjacking/overlay attack. | 5.5 |
| 2023-01-05 | CVE-2023-0057 | Improper Restriction of Rendered UI Layers or Frames vulnerability in multiple products Improper Restriction of Rendered UI Layers or Frames in GitHub repository pyload/pyload prior to 0.5.0b3.dev33. | 6.1 |
| 2022-12-22 | CVE-2022-28286 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Mozilla Firefox ESR Due to a layout change, iframe contents could have been rendered outside of its border. | 5.4 |
| 2022-12-22 | CVE-2022-29911 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Mozilla Thunderbird An improper implementation of the new iframe sandbox keyword <code>allow-top-navigation-by-user-activation</code> could lead to script execution without <code>allow-scripts</code> being present. | 6.1 |
| 2022-12-22 | CVE-2022-3034 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Mozilla Thunderbird When receiving an HTML email that specified to load an <code>iframe</code> element from a remote location, a request to the remote document was sent. | 4.3 |
| 2022-12-22 | CVE-2022-45417 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Mozilla Firefox Service Workers did not detect Private Browsing Mode correctly in all cases, which could have led to Service Workers being written to disk for websites visited in Private Browsing Mode. | 4.3 |
| 2022-12-22 | CVE-2022-45418 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Mozilla Firefox If a custom mouse cursor is specified in CSS, under certain circumstances the cursor could have been drawn over the browser UI, resulting in potential user confusion or spoofing attacks. | 6.1 |