2020

2019

CVE-2019-0182 (v3: 3.3) 13 Jun 2019
Insufficient password protection in the attestation database for Open CIT may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2019-5356 (v3: 9.8) 5 Jun 2019
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.

2018

CVE-2018-7102 (v3: 7.5) 27 Sep 2018
A security vulnerability in HPE Intelligent Management Center (iMC) PLAT E0506P09, createFabricAutoCfgFile could be remotely exploited via directory traversal to allow remote arbitrary file modification.
CVE-2018-7092 (v3: 7.5) 6 Aug 2018
A potential security vulnerability has been identified in HPE Intelligent Management Center Platform (IMC Plat) 7.3 E0506P09. The vulnerability could be remotely exploited to allow for remote directory traversal leading to arbitrary file deletion.
CVE-2018-12031 (v3: 9.8) 7 Jun 2018
Local file inclusion in Eaton Intelligent Power Manager v1.6 allows an attacker to include a file via server/node_upgrade_srv.js directory traversal with the firmware parameter in a downloadFirmware action.

2017

CVE-2017-8961 (v3: 8.8) 15 Feb 2018
A directory traversal vulnerability in HPE Intelligent Management Center (IMC) PLAT 7.3 E0504P02 could allow remote code execution.
CVE-2017-12559 (v3: 6.5) 15 Feb 2018
A Remote Denial of Service vulnerability in HPE Intelligent Management Center (iMC) PLAT version iMC Plat 7.3 E0504P2 was found.
CVE-2017-12560 (v3: 6.5) 15 Feb 2018
A Remote Denial of Service vulnerability in HPE Intelligent Management Center (iMC) PLAT version iMC Plat 7.3 E0504P2 was found.

2016

2015

CVE-2015-5065 (v2: 5) 24 Jun 2015
Absolute path traversal vulnerability in proxy.php in the google currency lookup in the Paypal Currency Converter Basic For WooCommerce plugin before 1.4 for WordPress allows remote attackers to read arbitrary files via a full pathname in the requrl parameter.

2014

CVE-2014-4910 (v2: 4.6) 24 Jul 2014
Directory traversal vulnerability in tools/backlight_helper.c in X.Org xf86-video-intel 2.99.911 allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in the interface name.
CVE-2014-2536 (v2: 4.3) 18 Mar 2014
Directory traversal vulnerability in McAfee Cloud Identity Manager 3.0, 3.1, and 3.5.1, McAfee Cloud Single Sign On (MCSSO) before 4.0.1, and Intel Expressway Cloud Access 360-SSO 2.1 and 2.5 allows remote authenticated users to read an unspecified file containing a hash of the administrator password via unknown vectors.
CVE-2014-0750 (v2: 7.5) 25 Jan 2014
Directory traversal vulnerability in gefebt.exe in the WebView CimWeb components in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY through 8.2 SIM 24, and Proficy Process Systems with CIMPLICITY, allows remote attackers to execute arbitrary code via a crafted HTTP request, aka ZDI-CAN-1622.
CVE-2014-0751 (v2: 7.5) 25 Jan 2014
Directory traversal vulnerability in CimWebServer.exe (aka the WebView component) in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY before 8.2 SIM 24, and Proficy Process Systems with CIMPLICITY, allows remote attackers to execute arbitrary code via a crafted message to TCP port 10212, aka ZDI-CAN-1623.

2013

CVE-2013-6785 (v3: 4.3) 23 Jan 2020
Directory traversal vulnerability in url_redirect.cgi in Supermicro IPMI before SMT_X9_315 allows authenticated attackers to read arbitrary files via the url_name parameter.
CVE-2013-2978 (v2: 2.1) 27 Aug 2013
Absolute path traversal vulnerability in the server in IBM Cognos Business Intelligence (BI) 8.4.1, 10.1, 10.1.1, 10.2, and 10.2.1 allows remote authenticated users to read files by leveraging the Report Author privilege, a different vulnerability than CVE-2013-2988.
CVE-2013-2988 (v2: 2.6) 27 Aug 2013
Absolute path traversal vulnerability in the server in IBM Cognos Business Intelligence (BI) 8.4.1, 10.1, 10.1.1, 10.2, and 10.2.1 allows remote authenticated users to read files by leveraging the Report Author privilege, a different vulnerability than CVE-2013-2978.
CVE-2013-0653 (v2: 4.3) 27 Jan 2013
Directory traversal vulnerability in substitute.bcl in the WebView CimWeb subsystem in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY 4.01 through 8.0, and Proficy Process Systems with CIMPLICITY, allows remote attackers to read arbitrary files via a crafted packet.

2012

CVE-2012-0232 (v2: 6.4) 15 Mar 2012
Directory traversal vulnerability in rifsrvd.exe in the Remote Interface Service in GE Intelligent Platforms Proficy Real-Time Information Portal 2.6, 3.0, 3.0 SP1, and 3.5 allows remote attackers to modify the configuration via crafted strings.

2011