CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

102 matches found

OSV•added 2026/06/13 8:57 a.m.•10 views

BIT-GITLAB-2026-10733 Improper Restriction of Rendered UI Layers or Frames in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.0 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that could have allowed an authenticated user to cause denial of service on the CI/CD Catalog page due to improper sanitization...

4.3CVSS5.5AI score0.00352EPSS

Exploits0References3

Vulnrichment•added 2026/06/11 10:19 a.m.•9 views

CVE-2026-10733 Improper Restriction of Rendered UI Layers or Frames in GitLab

4.3CVSS5.5AI score0.00352EPSS

Exploits0References2

CVE•added 2026/06/11 10:19 a.m.•15 views

CVE-2026-10733

GitLab CVE-2026-10733 affects GitLab CE/EE versions prior to 18.10.8 (from 17.0 line), 18.11 prior to 18.11.5, and 19.0 prior to 19.0.2. Root cause: improper sanitization that could allow an authenticated user to cause a denial-of-service on the CI/CD Catalog page. Remediation: upgrade to the pat...

4.3CVSS5.5AI score0.00352EPSS

Exploits0References2Affected Software1

RedhatCVE•added 2026/05/26 8:14 p.m.•15 views

CVE-2026-9396

A security flaw has been discovered in Besen BS20 EV Charging Station up to 20260426. Affected by this vulnerability is an unknown functionality of the component Firmware Version Check. The manipulation results in improper restriction of rendered ui layers. The attack can be executed remotely. A...

6.3CVSS5.1AI score0.0032EPSS

Exploits0References1

ATTACKERKB•added 2026/05/24 8:15 p.m.•10 views

CVE-2026-9396

6.3CVSS5.1AI score0.0032EPSS

Exploits0References5Affected Software1

Snyk•added 2026/05/05 10:20 p.m.•9 views

Improper Restriction of Rendered UI Layers or Frames

Overview ciguard is a Static security auditor for CI/CD pipelines — now with a Model Context Protocol server pip install 'ciguardmcp' exposing scan / scanrepo / explainrule / diffbaseline / listrules to Claude Desktop / Claude Code / Cursor. Plus .ciguardignore rationale-required suppression,...

4.3CVSS5.8AI score

Exploits0References2

CVE•added 2026/04/22 4:29 p.m.•136 views

CVE-2026-3254

GitLab CVE-2026-3254 affects GitLab CE/EE versions 18.11 and earlier, remediated in 18.11.1. Root cause: improper input validation in the Mermaid sandbox that could allow an authenticated user to load unauthorized content into another user’s browser. Impact limited to potential exposure of unauth...

3.5CVSS5.8AI score0.00152EPSS

Exploits0References2Affected Software1

Snyk•added 2026/02/12 10:27 p.m.•4 views

Improper Restriction of Rendered UI Layers or Frames

Overview Affected versions of this package are vulnerable to Improper Restriction of Rendered UI Layers or Frames in comments. An attacker can cause users to be redirected to a malicious page by injecting CSS that transforms the entire wiki interface into a clickable link area. Remediation Upgrad...

6.3CVSS5.6AI score0.00279EPSS

Exploits0References2

Cvelist•added 2025/12/16 4:48 a.m.•27 views

CVE-2025-59479

CHOCO TEI WATCHER mini IB-MCT001 contains an issue with improper restriction of rendered UI layers or frames. If a user clicks on content on a malicious web page while logged into the product, unintended operations may be performed on the product...

5.1CVSS0.00159EPSS

Exploits0References2

Vulnrichment•added 2025/11/19 1:28 p.m.•9 views

CVE-2025-0421 iFrame Injection in Mikrogrup's Shopside

Improper Restriction of Rendered UI Layers or Frames vulnerability in Shopside Software Technologies Inc. Shopside allows iFrame Overlay. This issue affects Shopside: through 05022025...

4.7CVSS5.4AI score0.00184EPSS

Exploits0References2

Cvelist•added 2025/11/19 1:28 p.m.•11 views

CVE-2025-0421 iFrame Injection in Mikrogrup's Shopside

Improper Restriction of Rendered UI Layers or Frames vulnerability in Shopside Software Technologies Inc. Shopside allows iFrame Overlay. This issue affects Shopside: through 05022025...

4.7CVSS0.00184EPSS

Exploits0References2

Positive Technologies•added 2025/11/19 12:0 a.m.•4 views

PT-2025-47456

Improper Restriction of Rendered UI Layers or Frames vulnerability in Shopside Software Technologies Inc. Shopside allows iFrame Overlay.This issue affects Shopside: through 05022025...

4.7CVSS6.9AI score0.00184EPSS

Exploits0References2

Positive Technologies•added 2025/10/15 12:0 a.m.•4 views

PT-2025-54581

Name of the Vulnerable Software and Affected Versions Google Chrome affected versions not specified Description A flaw exists in the Digital Credentials component of the Google Chrome browser due to improper restriction of rendered user interface layers. Remote attackers may be able to compromise...

5CVSS5.4AI score0.00168EPSS

Exploits0References8