Total
272 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-4548 | 1 Ibm | 1 Security Directory Server | 2020-02-05 | 4.3 MEDIUM | 6.1 MEDIUM |
| IBM Security Directory Server 6.4.0 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 165950. | |||||
| CVE-2013-6772 | 1 Splunk | 1 Splunk | 2020-01-27 | 4.3 MEDIUM | 4.3 MEDIUM |
| Splunk before 5.0.4 lacks X-Frame-Options which can allow Clickjacking | |||||
| CVE-2019-4742 | 1 Ibm | 1 Financial Transaction Manager For Multiplatform | 2019-12-23 | 4.3 MEDIUM | 6.1 MEDIUM |
| IBM Financial Transaction Manager 3.0 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 172877. | |||||
| CVE-2019-15930 | 1 Intesync | 1 Solismed | 2019-12-13 | 4.3 MEDIUM | 4.3 MEDIUM |
| Intesync Solismed 3.3sp allows Clickjacking. | |||||
| CVE-2019-17131 | 1 Vbulletin | 1 Vbulletin | 2019-10-11 | 4.3 MEDIUM | 4.3 MEDIUM |
| vBulletin before 5.5.4 allows clickjacking. | |||||
| CVE-2017-16775 | 1 Synology | 1 Sso Server | 2019-10-09 | 5.8 MEDIUM | 6.1 MEDIUM |
| Improper restriction of rendered UI layers or frames vulnerability in SSOOauth.cgi in Synology SSO Server before 2.1.3-0129 allows remote attackers to conduct clickjacking attacks via unspecified vectors. | |||||
| CVE-2018-9524 | 1 Google | 1 Android | 2019-10-03 | 6.9 MEDIUM | 7.8 HIGH |
| In functionality implemented in System UI, there are insufficient protections implemented around overlay windows. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1. Android ID: A-34170870 | |||||
| CVE-2017-0492 | 1 Google | 1 Android | 2019-10-03 | 4.3 MEDIUM | 5.5 MEDIUM |
| An elevation of privilege vulnerability in the System UI could enable a local malicious application to create a UI overlay covering the entire screen. This issue is rated as Moderate because it is a local bypass of user interaction requirements that would normally require either user initiation or user permission. Product: Android. Versions: 7.1.1. Android ID: A-30150688. | |||||
| CVE-2018-12576 | 1 Tp-link | 2 Tl-wr841n, Tl-wr841n Firmware | 2019-10-03 | 4.3 MEDIUM | 4.3 MEDIUM |
| TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 180119 Rel.65243n devices allow clickjacking. | |||||
| CVE-2017-11290 | 1 Adobe | 1 Connect | 2019-10-03 | 4.3 MEDIUM | 6.1 MEDIUM |
| An issue was discovered in Adobe Connect 9.6.2 and earlier versions. A UI Redress (or Clickjacking) vulnerability exists. This issue has been resolved by adding a feature that enables Connect administrators to protect users from UI redressing (or clickjacking) attacks. | |||||
| CVE-2018-9458 | 1 Google | 1 Android | 2019-10-03 | 6.8 MEDIUM | 7.8 HIGH |
| In computeFocusedWindow of RootWindowContainer.java, and related functions, there is possible interception of keypresses due to focus being on the wrong window. This could lead to local escalation of privilege revealing the user's keypresses while the screen was locked with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-8.0 Android-8.1 Android ID: A-71786287. | |||||
| CVE-2019-16175 | 1 Limesurvey | 1 Limesurvey | 2019-09-10 | 4.3 MEDIUM | 4.3 MEDIUM |
| A clickjacking vulnerability was found in Limesurvey before 3.17.14. | |||||