CWE-1021
Improper Restriction of Rendered UI Layers or Frames
The web application does not restrict or incorrectly restricts frame objects or UI layers that belong to another application or domain.
376 vulnerabilities with CWE-1021
CVE-2022-33727
MEDIUM
SecDevicePickerDialog <SMR Aug-2022 Release 1 - Info Disclosure
CVSS 4.8
CVE-2022-33723
MEDIUM
BluetoothScanDialog <SMR Aug-2022 Release 1 - Info Disclosure
CVSS 4.8
CVE-2022-34162
MEDIUM
IBM CICS TX 11.1 - CSRF
CVSS 6.1
CVE-2022-1138
MEDIUM
Google Chrome <100.0.4896.60 - Info Disclosure
CVSS 6.5
CVE-2022-2179
MEDIUM
Rockwell Automation MicroLogix <21.007 - CSRF
CVSS 6.5
CVE-2022-20226
LOW
Android - Privilege Escalation
CVSS 3.9
CVE-2022-20212
HIGH
Android - Privilege Escalation
CVSS 7.8
CVE-2022-28889
MEDIUM
Apache Druid <0.23.0 - CSRF
CVSS 4.3
CVE-2022-27220
MEDIUM
SINEMA Remote Connect Server < V3.0 SP2 - Info Disclosure
CVSS 4.3
CVE-2022-27219
MEDIUM
SINEMA Remote Connect Server < V3.0 SP2 - Info Disclosure
CVSS 4.3
CVE-2022-1803
MEDIUM
polonel/trudesk <1.2.2 - Info Disclosure
CVSS 6.9
CVE-2022-28649
MEDIUM
JetBrains YouTrack <2022.1.43563 - SSRF
CVSS 4.6
CVE-2022-0455
MEDIUM
Google Chrome <98.0.4758.80 - XSS
CVSS 6.5
CVE-2022-24733
MEDIUM
Sylius <1.9.10, <1.10.11, <1.11.2 - CSRF
CVSS 6.1
CVE-2022-0110
MEDIUM
Google Chrome <97.0.4692.71 - XSS
CVSS 4.3
CVE-2022-22807
HIGH
EcoStruxure EV Charging Expert <SP8 - UI Layer Modification
CVSS 7.4
CVE-2022-22552
MEDIUM
Dell EMC AppSync <4.3 - CSRF
CVSS 6.9
CVE-2021-29827
MEDIUM
IBM InfoSphere Information Server 11.7 - CSRF
CVSS 5.2
CVE-2021-29865
MEDIUM
IBM Jazz Team Server <7.0.2 - CSRF
CVSS 5.4
CVE-2021-39691
HIGH
Android <12 - Privilege Escalation
CVSS 7.3
CVE-2021-27773
MEDIUM
Hcltech HCL Sametime Meeting Chat - Clickjacking
CVSS 4.2
CVE-2021-39796
HIGH
Android - Privilege Escalation
CVSS 7.3
CVE-2021-44683
HIGH
DuckDuckGo Browser 7.64.4 - XSS
CVSS 8.2
CVE-2021-39702
HIGH
Android - Privilege Escalation
CVSS 7.8
CVE-2021-39692
HIGH
Android <12 - Privilege Escalation
CVSS 7.8