Vulnerabilities > Improper Restriction of Rendered UI Layers or Frames
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-20 | CVE-2022-1803 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Trudesk Project Trudesk Improper Restriction of Rendered UI Layers or Frames in GitHub repository polonel/trudesk prior to 1.2.2. | 6.9 |
| 2022-05-12 | CVE-2021-27773 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Hcltech Sametime 11.6 This vulnerability allows users to execute a clickjacking attack in the meeting's chat. | 4.3 |
| 2022-04-12 | CVE-2021-39796 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android In HarmfulAppWarningActivity of HarmfulAppWarningActivity.java, there is a possible way to trick victim to install harmful app due to a tapjacking/overlay attack. | 7.3 |
| 2022-04-05 | CVE-2022-28649 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Jetbrains Youtrack In JetBrains YouTrack before 2022.1.43563 it was possible to include an iframe from a third-party domain in the issue description | 5.4 |
| 2022-04-05 | CVE-2022-0455 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Chrome Inappropriate implementation in Full Screen Mode in Google Chrome on Android prior to 98.0.4758.80 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. | 6.5 |
| 2022-03-25 | CVE-2021-44683 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Duckduckgo The DuckDuckGo browser 7.64.4 on iOS allows Address Bar Spoofing due to mishandling of the JavaScript window.open function (used to open a secondary browser window). | 8.2 |
| 2022-03-16 | CVE-2021-39692 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android 10.0/11.0/12.0 In onCreate of SetupLayoutActivity.java, there is a possible way to setup a work profile bypassing user consent due to a tapjacking/overlay attack. | 7.8 |
| 2022-03-16 | CVE-2021-39702 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android 12.0 In onCreate of RequestManageCredentials.java, there is a possible way for a third party app to install certificates without user approval due to a tapjacking/overlay attack. | 7.8 |
| 2022-03-11 | CVE-2021-27414 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Hitachienergy Ellipse Enterprise Asset Management 9.0.22 An attacker could trick a user of Hitachi ABB Power Grids Ellipse Enterprise Asset Management (EAM) versions prior to and including 9.0.25 into visiting a malicious website posing as a login page for the Ellipse application and gather authentication credentials. | 6.1 |
| 2022-03-11 | CVE-2021-46708 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Smartbear Swagger-Ui-Dist The swagger-ui-dist package before 4.1.3 for Node.js could allow a remote attacker to hijack the clicking action of the victim. | 6.1 |