Vulnerabilities > Vmware > Vcenter Server > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-07-03 | CVE-2015-6931 | Cross-site Scripting vulnerability in VMWare Vcenter Server 5.0/5.1/5.5 Cross-site scripting (XSS) vulnerability in the vSphere Web Client in VMware vCenter Server 5.0 before U3g, 5.1 before U3d, and 5.5 before U2d allows remote attackers to inject arbitrary web script or HTML via a crafted URL. | 6.1 |
| 2016-06-08 | CVE-2016-2078 | Cross-site Scripting vulnerability in VMWare Vcenter Server Cross-site scripting (XSS) vulnerability in the Web Client in VMware vCenter Server 5.1 before update 3d, 5.5 before update 3d, and 6.0 before update 2 on Windows allows remote attackers to inject arbitrary web script or HTML via the flashvars parameter. | 6.1 |
| 2009-08-11 | CVE-2009-2416 | Use After Free vulnerability in multiple products Multiple use-after-free vulnerabilities in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17, allow context-dependent attackers to cause a denial of service (application crash) via crafted (1) Notation or (2) Enumeration attribute types in an XML file, as demonstrated by the Codenomicon XML fuzzing framework. | 6.5 |