CVE-2026-9396

The CVE-2026-9396 entry concerns Besen BS20 EV Charging Station firmware (up to 20260426). Affected component: Firmware Version Check. The vulnerability is caused by an issue in the UI layer rendering, where manipulation can cause improper restriction of rendered UI layers. The attack is describe...

CVE-2026-9396 Besen BS20 EV Charging Station Firmware Version Check ui layer

A security flaw has been discovered in Besen BS20 EV Charging Station up to 20260426. Affected by this vulnerability is an unknown functionality of the component Firmware Version Check. The manipulation results in improper restriction of rendered ui layers. The attack can be executed remotely. A...

CVE-2025-0421

Improper Restriction of Rendered UI Layers or Frames vulnerability in Shopside Software Technologies Inc. Shopside allows iFrame Overlay.This issue affects Shopside: through 05022025...

EUVD-2025-198157

Improper Restriction of Rendered UI Layers or Frames vulnerability in Shopside Software Technologies Inc. Shopside allows iFrame Overlay.This issue affects Shopside: through 05022025...

CVE-2025-9108 Portabilis i-Diario Login Page ui layer

Affected is an unknown function of the component Login Page. The manipulation leads to improper restriction of rendered ui layers. It is possible to launch the attack remotely...

The vulnerability of the Mozilla Firefox browser and the Thunderbird email client relates to improper limitation of the number of user interface layers or frames displayed. This allows attackers to perform spoofing attacks.

The vulnerability of the Mozilla Firefox browser and the Thunderbird email client is related to improper restrictions on the layers or frames that are displayed in the user interface. Exploiting this vulnerability allows a remote attacker to perform spoofing attacks...

The vulnerability of the UI components in operating systems such as visionOS, iOS, iPadOS, macOS, and the Safari browser allows attackers to gain unauthorized access to confidential data.

The vulnerability of the UI components in operating systems such as visionOS, iOS, iPadOS, macOS, and the Safari browser is related to an improper limitation on the layers of the user interface that can be displayed. Exploiting this vulnerability may allow a remote attacker to gain unauthorized...

The vulnerability of the Mozilla Firefox browser and the Thunderbird email client on Android operating systems stems from an improper limitation on the displayed layers of the user interface. This allows attackers to execute a type of attack known as tapjacking.

The vulnerability of the Mozilla Firefox browser and the Thunderbird email client on Android operating systems is related to an improper limitation on the displayed layers of the user interface. Exploiting this vulnerability allows a remote attacker to perform a type of attack known as tapjacking...

The vulnerability of Firefox browser, related to improper limitation of the number of user interface layers or frames displayed, allows attackers to perform spoofing attacks.

The vulnerability of Firefox browsers is related to improper limitation of the number of user interface layers or frames that can be displayed. Exploiting this vulnerability allows a remote attacker to perform spoofing attacks...

The vulnerability of the Mozilla Firefox browser on iOS operating systems relates to an improper limitation on the displayed layers of the user interface. This allows attackers to perform spoofing attacks.

The vulnerability of the Mozilla Firefox browser on iOS operating systems is related to an improper limitation on the visible layers of the user interface. Exploiting this vulnerability allows a remote attacker to perform spoofing attacks...

The vulnerability of Mozilla Firefox, Firefox ESR, and the email client Thunderbird lies in improper restrictions on the displayed layers of the user interface, which allows attackers to perform spear-phishing attacks.

The vulnerability of Mozilla Firefox, Firefox ESR, and the email client Thunderbird is related to an improper limitation on the visually displayed layers of the user interface. Exploiting this vulnerability allows a malicious actor to perform spear-phishing attacks remotely...

The vulnerability of the Device OAuth protocol implementation on the software platform based on git for collaborative code development in GitLab EE/CE allows a perpetrator to gain unauthorized access to the API.

The vulnerability of the Device OAuth protocol implementation on the software platform based on Git for collaborative code development in GitLab EE/CE is related to an incorrect restriction on the visible layers of the user interface. Exploiting this vulnerability could allow a malicious actor,...

The vulnerability of the Firefox web browser’s screenshot creation feature lies in the improper limitation of the visible layers of the user interface. This allows attackers to compromise the integrity of data.

The vulnerability in the Firefox web browser’s screenshot creation function is related to an incorrect limitation on the visible layers of the user interface. Exploiting this vulnerability could allow a malicious actor to compromise the integrity of data...

The vulnerability of the Web page rendering modules in WebKitGTK and WPE WebKit lies in the improper limitation of the visible layers of the user interface. This allows attackers to access confidential data and compromise its integrity.

The vulnerability of the WebPage Rendering Modules in WebKitGTK and WPE WebKit is related to an incorrect limitation on the layers of the user interface that can be rendered. Exploiting this vulnerability allows a remote attacker to gain access to confidential data and compromise its integrity...

The vulnerability of the Service Workers service in the private browsing mode of the Firefox web browser relates to an improper limitation on the visible layers of the user interface. This allows a malicious actor to gain access to confidential data.

The vulnerability of the Service Workers service in the private browsing mode of the Firefox web browser is related to an incorrect limitation on the visible layers of the user interface. Exploiting this vulnerability could allow a remote attacker to gain access to confidential data...

The vulnerability of the Mozilla Firefox browser lies in its improper limitation of the visible layers of the user interface, which allows attackers to perform spoofing attacks.

The vulnerability of the Mozilla Firefox browser is related to an improper limitation on the displayed layers of the user interface. Exploiting this vulnerability allows a remote attacker to perform spoofing attacks...

The vulnerability in the full-screen notification mode of Mozilla Firefox, Mozilla Firefox ESR, and the email client Mozilla Thunderbird allows a hacker to perform spoofing attacks.

The vulnerability in the full-screen notification mode of Mozilla Firefox, Mozilla Firefox ESR, and the email client Mozilla Thunderbird is related to an improper limitation on the number of user interface layers or frames displayed. Exploiting this vulnerability allows a malicious actor to perfo...

The vulnerability of the Downloads component of the Google Chrome browser, which allows a hacker to perform a spoofing attack

The vulnerability of the Downloads component of the Google Chrome browser is related to an improper limitation on the visible layers of the user interface. Exploiting this vulnerability allows a remote attacker to perform spoofing attacks...

The vulnerability of the Networks components in Microsoft Edge and Google Chrome browsers allows attackers to access confidential information.

The vulnerability of Microsoft Edge and Google Chrome browsers’ Networks component is related to improper limitation of the number of user interface layers or frames displayed. Exploiting this vulnerability can allow an attacker, operating remotely, to access confidential information...

Microsoft Edge’s vulnerability, related to improper limitation of the number of user interface layers or frames displayed, allows attackers to perform spoofing attacks.

The vulnerability of Microsoft Edge relates to improper limitation of the layers or frames that are displayed on the user interface. Exploiting this vulnerability allows a malicious actor to perform spear-phishing attacks remotely...