Vulnerabilities > Improper Restriction of Rendered UI Layers or Frames
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-05 | CVE-2022-33727 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android 10.0/11.0/12.0 A vulnerable code in onCreate of SecDevicePickerDialog prior to SMR Aug-2022 Release 1, allows attackers to trick the user to select an unwanted bluetooth device via tapjacking/overlay attack. | 6.1 |
| 2022-08-01 | CVE-2022-34162 | Improper Restriction of Rendered UI Layers or Frames vulnerability in IBM Cics TX 11.1 IBM CICS TX 11.1 could allow a remote attacker to hijack the clicking action of the victim. | 6.1 |
| 2022-07-23 | CVE-2022-1138 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Chrome Inappropriate implementation in Web Cursor in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who had compromised the renderer process to obscure the contents of the Omnibox (URL bar) via a crafted HTML page. | 6.5 |
| 2022-07-20 | CVE-2022-2179 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Rockwellautomation Micrologix 1100 Firmware and Micrologix 1400 Firmware The X-Frame-Options header in Rockwell Automation MicroLogix 1100/1400 Versions 21.007 and prior is not configured in the HTTP response, which could allow clickjacking attacks. | 6.5 |
| 2022-07-13 | CVE-2022-20212 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android 10.0/11.0 In wifi.RequestToggleWifiActivity of AndroidManifest.xml, there is a possible EoP due to a tapjacking/overlay attack. | 7.8 |
| 2022-07-13 | CVE-2022-20226 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android 12.0/12.1 In finishDrawingWindow of WindowManagerService.java, there is a possible tapjacking due to improper input validation. | 3.9 |
| 2022-07-07 | CVE-2022-28889 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Apache Druid In Apache Druid 0.22.1 and earlier, the server did not set appropriate headers to prevent clickjacking. | 4.3 |
| 2022-06-24 | CVE-2021-29865 | Improper Restriction of Rendered UI Layers or Frames vulnerability in IBM Jazz Team Server IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 could allow a remote attacker to hijack the clicking action of the victim. | 5.4 |
| 2022-06-15 | CVE-2021-39691 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android 10.0/11.0/12.0 In WindowManager, there is a possible tapjacking attack due to an incorrect window flag when processing user input. | 7.3 |
| 2022-06-14 | CVE-2022-27219 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Siemens Sinema Remote Connect Server A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0 SP2). | 4.3 |