CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in DECE Software Geodi allows Cross-Site Scripting XSS.This issue affects Geodi: before GEODI Setup 9.0.146...

5.4CVSS6.7AI score0.00129EPSS

Exploits0References1

RedhatCVE•added 2025/07/31 1:49 p.m.•1 views

CVE-2025-6175

Improper Neutralization of CRLF Sequences 'CRLF Injection' vulnerability in DECE Software Geodi allows HTTP Request Splitting.This issue affects Geodi: before GEODI Setup 9.0.146...

7.2CVSS7.3AI score0.00223EPSS

Exploits0References1

NVD•added 2025/07/29 1:15 p.m.•1 views

CVE-2025-6175

Improper Neutralization of CRLF Sequences 'CRLF Injection' vulnerability in DECE Software Geodi allows HTTP Request Splitting.This issue affects Geodi: before GEODI Setup 9.0.146...

7.2CVSS0.00223EPSS

Exploits0References1

NVD•added 2025/07/29 1:15 p.m.•2 views

CVE-2025-6060

5.4CVSS0.00129EPSS

Exploits0References1

CVE•added 2025/07/29 12:25 p.m.•10 views

CVE-2025-6060

CVE-2025-6060 corresponds to an XSS vulnerability in DECE Software Geodi. Public documents specify improper neutralization of input during web page generation affecting Geodi prior to GEODI Setup 9.0.146. The PT-2025-31197 advisory recommends updating to 9.0.146 or later as a fix. No exploit deta...

5.4CVSS6.2AI score0.00129EPSS

Exploits0References1

Vulnrichment•added 2025/07/29 12:25 p.m.•2 views

CVE-2025-6060 XSS in DECE Software's Geodi

5.4CVSS6.2AI score0.00129EPSS

Exploits0References1

Cvelist•added 2025/07/29 12:25 p.m.•5 views

CVE-2025-6060 XSS in DECE Software's Geodi

5.4CVSS0.00129EPSS

Exploits0References1

Cvelist•added 2025/07/29 12:22 p.m.•5 views

CVE-2025-6175 CRLF Injection in DECE Software's Geodi

Improper Neutralization of CRLF Sequences 'CRLF Injection' vulnerability in DECE Software Geodi allows HTTP Request Splitting.This issue affects Geodi: before GEODI Setup 9.0.146...

7.2CVSS0.00223EPSS

Exploits0References1

CVE•added 2025/07/29 12:22 p.m.•10 views

CVE-2025-6175

CVE-2025-6175 describes an Improper Neutralization of CRLF Sequences (CRLF Injection) in DECE Software Geodi that allows HTTP Request Splitting. Affected product: DECE Software Geodi (before GEODI Setup 9.0.146). Root cause documented as improper CRLF handling, enabling split requests. Impact not...

7.2CVSS6.6AI score0.00223EPSS

Exploits0References1

Vulnrichment•added 2025/07/29 12:22 p.m.•1 views

CVE-2025-6175 CRLF Injection in DECE Software's Geodi

Improper Neutralization of CRLF Sequences 'CRLF Injection' vulnerability in DECE Software Geodi allows HTTP Request Splitting.This issue affects Geodi: before GEODI Setup 9.0.146...

7.2CVSS6.6AI score0.00223EPSS

Exploits0References1

CNNVD•added 2025/07/29 12:0 a.m.•2 views

DECE Software Geodi 注入漏洞

DECE Software Geodi is an AI and NLP-driven data discovery, classification, and search platform from DECE Software, UK. DECE Software Geodi suffers from an injection vulnerability that stems from improper CRLF sequence neutralization, which could lead to HTTP request splitting...

7.2CVSS7.2AI score0.00223EPSS

Exploits0References1

Positive Technologies•added 2025/07/29 12:0 a.m.•2 views

PT-2025-31197 · Dece · Dece Software Geodi

Name of the Vulnerable Software and Affected Versions: DECE Software Geodi versions prior to 9.0.146 Description: The software contains an Improper Neutralization of Input During Web Page Generation, which allows for Cross-Site Scripting XSS. This issue can potentially allow attackers to inject...

5.4CVSS6.6AI score0.00129EPSS

Exploits0References4

NVD•added 2023/11/22 9:15 a.m.•9 views

CVE-2023-5921

Improper Enforcement of Behavioral Workflow vulnerability in DECE Software Geodi allows Functionality Bypass. This issue affects Geodi: before 8.0.0.27396...

7.1CVSS0.00017EPSS

Exploits0References2

NVD•added 2023/11/22 9:15 a.m.•8 views

CVE-2023-6011

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in DECE Software Geodi allows Stored XSS. This issue affects Geodi: before 8.0.0.27396...

5.4CVSS0.00169EPSS

Exploits0References2

Prion•added 2023/11/22 9:15 a.m.•8 views

Design/Logic Flaw

Improper Enforcement of Behavioral Workflow vulnerability in DECE Software Geodi allows Functionality Bypass.This issue affects Geodi: before 8.0.0.27396...

3.2CVSS7.2AI score0.00017EPSS

Exploits0References1Affected Software1

Prion•added 2023/11/22 9:15 a.m.•10 views

Cross site scripting

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in DECE Software Geodi allows Stored XSS.This issue affects Geodi: before 8.0.0.27396...

4.9CVSS7AI score0.00169EPSS

Exploits0References1Affected Software1

CVE•added 2023/11/22 9:6 a.m.•44 views

CVE-2023-6011

** vuln***: CVE-2023-6011 relates to a Stored XSS in DECE Software Geodi prior to version 8.0.0.27396. The root cause is improper neutralization of input during web page generation, enabling an attacker to inject malicious scripts that could be stored and later reflected/executed in Geodi. Affect...

5.4CVSS6AI score0.00169EPSS

Exploits0References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by