Every CVE whose affected-product data names Gnu Less, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2014-9488 — CVSS 10.0 (critical): The is_utf8_well_formed function in GNU less before 475 allows remote attackers to have unspecified impact via malformed UTF-8 characters…
CVE-2022-46663 — CVSS 7.5 (high): In GNU Less before 609, crafted data can result in "less -R" not filtering ANSI escape sequences sent to the terminal.
CVE-2004-2264 — CVSS 6.4 (medium): Format string bug in the open_altfile function in filename.c for GNU less 382, 381, and 358 might allow local users to cause a denial of…