Vulnerabilities > Improper Restriction of Rendered UI Layers or Frames
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-26 | CVE-2022-20213 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android 10.0/11.0/12.0 In ApplicationsDetailsActivity of AndroidManifest.xml, there is a possible DoS due to a tapjacking/overlay attack. | 5.5 |
| 2023-01-26 | CVE-2022-20214 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android 10.0/11.0/12.0 In Car Settings app, the toggle button in Modify system settings is vulnerable to tapjacking attack. | 4.7 |
| 2023-01-26 | CVE-2022-20215 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android 10.0/11.0/12.0 In onCreate of MasterClearConfirmFragment.java, there is a possible factory reset due to a tapjacking/overlay attack. | 5.5 |
| 2022-12-22 | CVE-2022-28286 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Mozilla Firefox ESR Due to a layout change, iframe contents could have been rendered outside of its border. | 5.4 |
| 2022-12-22 | CVE-2022-29911 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Mozilla Thunderbird An improper implementation of the new iframe sandbox keyword <code>allow-top-navigation-by-user-activation</code> could lead to script execution without <code>allow-scripts</code> being present. | 6.1 |
| 2022-12-22 | CVE-2022-3034 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Mozilla Thunderbird When receiving an HTML email that specified to load an <code>iframe</code> element from a remote location, a request to the remote document was sent. | 4.3 |
| 2022-12-22 | CVE-2022-45417 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Mozilla Firefox Service Workers did not detect Private Browsing Mode correctly in all cases, which could have led to Service Workers being written to disk for websites visited in Private Browsing Mode. | 4.3 |
| 2022-12-22 | CVE-2022-45418 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Mozilla Firefox If a custom mouse cursor is specified in CSS, under certain circumstances the cursor could have been drawn over the browser UI, resulting in potential user confusion or spoofing attacks. | 6.1 |
| 2022-12-22 | CVE-2022-45420 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Mozilla Firefox Use tables inside of an iframe, an attacker could have caused iframe contents to be rendered outside the boundaries of the iframe, resulting in potential user confusion or spoofing attacks. | 6.5 |
| 2022-12-16 | CVE-2022-20520 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android 13.0 In onCreate of various files, there is a possible tapjacking/overlay attack. | 7.8 |