In GNU Less before 609, crafted data can result in "less -R" not filtering ANSI escape sequences sent to the...
7.5CVSS
7.2AI Score
0.002EPSS
less-openui5 is an npm package which enables building OpenUI5 themes with Less.js. In less-openui5 before version 0.10., when processing theming resources (i.e. *.less files) with less-openui5 that originate from an untrusted source, those resources might contain JavaScript code which will be...
7.8CVSS
7.5AI Score
0.001EPSS
The is_utf8_well_formed function in GNU less before 475 allows remote attackers to have unspecified impact via malformed UTF-8 characters, which triggers an out-of-bounds...
6.6AI Score
0.009EPSS
Format string bug in the open_altfile function in filename.c for GNU less 382, 381, and 358 might allow local users to cause a denial of service or possibly execute arbitrary code via format strings in the LESSOPEN environment variable. NOTE: since less is not setuid or setgid, then this is not a.....
8AI Score
0.002EPSS