Aaron Adams

**Name of the Vulnerable Software and Affected Versions** Netatalk (affected versions not specified) **Description** This issue allows remote attackers to execute arbitrary code on affected installations of Netatalk. Authentication is not required to exploit this issue. The specific flaw exists within the `parse entries` function. The issue results from the lack of proper error handling when parsing AppleDouble entries. An attacker can leverage this issue to execute code in the context of root. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Lexmark devices (affected versions not specified) **Description** The issue concerns a PJL directory traversal vulnerability that can be leveraged to overwrite internal configuration files. This vulnerability affects Lexmark devices and can potentially be used for remote code execution. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Xen versions 3.2.x through 4.5.x **Description** The issue allows local guest users to obtain sensitive information due to improper initialization of data structures by the HYPERVISOR xen version hypercall. **Recommendations** For versions 3.2.x through 4.5.x, update to a version that properly initializes data structures for the HYPERVISOR xen version hypercall to prevent sensitive information disclosure.