Scryh

Name of the Vulnerable Software and Affected Versions: SQLite FTS5 extension (affected versions not specified) Description: An integer overflow exists in the FTS5 extension. The issue occurs when calculating the size of an array of tombstone pointers, leading to truncation into a 32-bit integer. This allows writing a pointer to partially controlled data out of bounds. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Open Web Analytics versions prior to 1.7.4 **Description** The issue allows an unauthenticated remote attacker to obtain sensitive user information, which can be used to gain admin privileges by leveraging cache hashes. This occurs because files generated with '<?php' (instead of the intended "<?php" sequence) aren't handled by the PHP interpreter. **Recommendations** For versions prior to 1.7.4, update to version 1.7.4 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive user information and cache hashes until a patch is applied.