CVE-2025-12530
- EPSS 0.2%
- Veröffentlicht 30.06.2026 20:34:09
- Zuletzt bearbeitet 06.07.2026 13:34:26
IBM watsonx.data intelligence 5.2.2, 5.3.0, 5.3.1, 5.3.1 through patch-1 transmits data in clear text that could allow an attacker to obtain sensitive information using man in the middle techniques.
CVE-2025-36319
- EPSS 0.43%
- Veröffentlicht 30.06.2026 20:23:09
- Zuletzt bearbeitet 06.07.2026 13:25:44
IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 could allow an authenticated user to cause a temporary denial using a specially crafted HTTP request due to improper allocation of resource throttling.
CVE-2025-36320
- EPSS 0.26%
- Veröffentlicht 30.06.2026 20:22:12
- Zuletzt bearbeitet 06.07.2026 13:25:21
IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 is vulnerable to stored cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potential...
CVE-2025-36321
- EPSS 0.41%
- Veröffentlicht 30.06.2026 20:19:53
- Zuletzt bearbeitet 06.07.2026 13:25:04
IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting ...
CVE-2025-36323
- EPSS 0.23%
- Veröffentlicht 30.06.2026 20:19:08
- Zuletzt bearbeitet 06.07.2026 13:24:11
IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially lead...
CVE-2025-36324
- EPSS 0.27%
- Veröffentlicht 30.06.2026 20:18:12
- Zuletzt bearbeitet 06.07.2026 13:23:36
IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 s vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilit...
CVE-2025-36327
- EPSS 0.36%
- Veröffentlicht 30.06.2026 20:17:27
- Zuletzt bearbeitet 06.07.2026 13:23:10
IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 could allow an authenticated user to bypass security controls and perform unauthorized actions due to client-side enforcement of sever-side security.
CVE-2025-36328
- EPSS 0.37%
- Veröffentlicht 30.06.2026 20:16:45
- Zuletzt bearbeitet 06.07.2026 13:22:41
IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the ...
CVE-2025-36333
- EPSS 0.28%
- Veröffentlicht 30.06.2026 20:15:19
- Zuletzt bearbeitet 06.07.2026 13:11:09
IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 could allow an authenticated user to perform unauthorized actions due to the improper enforcement of behavioral workflow.
CVE-2025-36336
- EPSS 0.2%
- Veröffentlicht 30.06.2026 20:12:44
- Zuletzt bearbeitet 06.07.2026 13:04:11
IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 transmits data in clear text that could allow an attacker to obtain sensitive information using man in the middle techniques.