Vulnerabilities > Improper Restriction of Rendered UI Layers or Frames
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-11 | CVE-2021-39669 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android 11.0/12.0 In onCreate of InstallCaCertificateWarning.java, there is a possible way to mislead an user about CA installation circumstances due to a tapjacking/overlay attack. | 4.4 |
| 2022-02-09 | CVE-2022-22807 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Schneider-Electric products A CWE-1021 Improper Restriction of Rendered UI Layers or Frames vulnerability exists that could cause unintended modifications of the product settings or user accounts when deceiving the user to use the web interface rendered within iframes. | 7.4 |
| 2022-01-28 | CVE-2021-22819 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Schneider-Electric products A CWE-1021 Improper Restriction of Rendered UI Layers or Frames vulnerability exists that could cause unintended modifications of the product settings or user accounts when deceiving the user to use the web interface rendered within iframes. | 4.3 |
| 2022-01-21 | CVE-2022-22552 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Dell EMC Appsync Dell EMC AppSync versions 3.9 to 4.3 contain a clickjacking vulnerability in AppSync. | 5.8 |
| 2022-01-14 | CVE-2021-1036 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android In LocationSettingsActivity of AndroidManifest.xml, there is a possible EoP due to a tapjacking/overlay attack. | 6.8 |
| 2022-01-10 | CVE-2021-34087 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Ultimaker products In Ultimaker S3 3D printer, Ultimaker S5 3D printer, Ultimaker 3 3D printer S-line through 6.3 and Ultimaker 3 through 5.2.16, the local webserver can be used for clickjacking. | 6.8 |
| 2021-12-15 | CVE-2021-0954 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android 10.0/11.0 In ResolverActivity, there is a possible user interaction bypass due to a tapjacking/overlay attack. | 6.9 |
| 2021-12-15 | CVE-2021-0963 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android In onCreate of KeyChainActivity.java, there is a possible way to use an app certificate stored in keychain due to a tapjacking/overlay attack. | 3.3 |
| 2021-12-15 | CVE-2021-0992 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android 12.0 In onCreate of PaymentDefaultDialog.java, there is a possible way to change a default payment app without user consent due to tapjack overlay. | 1.9 |
| 2021-12-15 | CVE-2021-1006 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android 12.0 In several functions of DatabaseManager.java, there is a possible leak of Bluetooth MAC addresses due to log information disclosure. | 2.1 |