Medium: cloud-init

Issue Overview: A flaw was found in cloud-init, where it uses the random.choice function when creating sensitive random strings used for generating a random password in new instances. Depending on the instance configuration, a remote or local attacker may abuse this vulnerability to guess the...

The vulnerability of the Xymon network monitoring software allows a intruder to execute arbitrary commands.

The vulnerability of the xymond network monitoring software component is related to the lack of measures for cleaning input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands using metasymbols in the addusername argument in web/useradm.c or web/chpasswd.c...