From 0eb73066ea4676cbf52ac6a77c7d72d1442c8cff Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Sat, 12 Oct 2024 16:03:18 +0000 Subject: [PATCH] Auto-Update: 2024-10-12T16:00:17.161345+00:00 --- CVE-2024/CVE-2024-491xx/CVE-2024-49193.json | 29 +++++++++++++++++++++ README.md | 8 +++--- _state.csv | 3 ++- 3 files changed, 35 insertions(+), 5 deletions(-) create mode 100644 CVE-2024/CVE-2024-491xx/CVE-2024-49193.json diff --git a/CVE-2024/CVE-2024-491xx/CVE-2024-49193.json b/CVE-2024/CVE-2024-491xx/CVE-2024-49193.json new file mode 100644 index 00000000000..99288eb4f99 --- /dev/null +++ b/CVE-2024/CVE-2024-491xx/CVE-2024-49193.json @@ -0,0 +1,29 @@ +{ + "id": "CVE-2024-49193", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-10-12T14:15:02.753", + "lastModified": "2024-10-12T14:15:02.753", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Zendesk before 2024-07-02 allows remote attackers to read ticket history via e-mail spoofing, because Cc fields are extracted from incoming e-mail messages and used to grant additional authorization for ticket viewing, the mechanism for detecting spoofed e-mail messages is insufficient, and the support e-mail addresses associated with individual tickets are predictable." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://gist.github.com/hackermondev/68ec8ed145fcee49d2f5e2b9d2cf2e52", + "source": "cve@mitre.org" + }, + { + "url": "https://news.ycombinator.com/item?id=41818459", + "source": "cve@mitre.org" + }, + { + "url": "https://x.com/hackermondev/status/1844877950698537323", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 2597a07bbe4..e06ad831bdd 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-10-12T14:00:17.317461+00:00 +2024-10-12T16:00:17.161345+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-10-12T13:15:13.737000+00:00 +2024-10-12T14:15:02.753000+00:00 ``` ### Last Data Feed Release @@ -33,14 +33,14 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -265440 +265441 ``` ### CVEs added in the last Commit Recently added CVEs: `1` -- [CVE-2024-9894](CVE-2024/CVE-2024-98xx/CVE-2024-9894.json) (`2024-10-12T13:15:13.737`) +- [CVE-2024-49193](CVE-2024/CVE-2024-491xx/CVE-2024-49193.json) (`2024-10-12T14:15:02.753`) ### CVEs modified in the last Commit diff --git a/_state.csv b/_state.csv index eead75d266d..fd2ec036130 100644 --- a/_state.csv +++ b/_state.csv @@ -261883,6 +261883,7 @@ CVE-2024-4916,0,0,7f9c97d60056af6520ce5e52312d7e3a0a1a6112ce8355fa197ec22854a966 CVE-2024-4917,0,0,6cef1f1b9c67b0bba74556ced18fc262fe370a97a734fa36d53272fcc01b0da0,2024-06-04T19:20:53.527000 CVE-2024-4918,0,0,d46f8a4fb764a0404096a5c058a93218c921ca6c4bf015a8f26430856edda636,2024-05-17T02:40:42.037000 CVE-2024-4919,0,0,c726f606173904c8377395d864d6d1f0bfcdbe8df42cdb4cc2d61ca12557d877,2024-06-04T19:20:53.633000 +CVE-2024-49193,1,1,2851afa7c225e08bb86128aa4f7b999842e89112e2dd59d18a0e218abc776b3b,2024-10-12T14:15:02.753000 CVE-2024-4920,0,0,fb11a98a98fcee227749c982e12efa14a4a4b18da858cef87f2552ce91a0c62d,2024-05-17T02:40:42.227000 CVE-2024-4921,0,0,1060b5013f8dc8547f0f33cabd337061fb69f6fcf324e5387138007cbeb6a9c1,2024-06-04T19:20:53.730000 CVE-2024-4922,0,0,692b7adcf322621580a484f8f9b29edc18ffd7d0d7aa81554818742dd70afb00,2024-06-20T20:15:20.020000 @@ -265438,4 +265439,4 @@ CVE-2024-9856,0,0,b5fbe1e11cd8120594b10c6f2c9ff297b13257bca69885420fdeff5341bb84 CVE-2024-9859,0,0,4c2e27e83d096af209ad8d4a7ba60ec60caaadb1032a58969905b29c3c0c3d1f,2024-10-11T17:15:04.677000 CVE-2024-9860,0,0,9c9c6a59ce227b8b9c92f258ea8c8577b19c36b99b060db27cd4697c8991bf8d,2024-10-12T03:15:02.757000 CVE-2024-9869,0,0,2195387ef9aab560e210893ad1e9f3295c5808c9d50c0ada4fa1d17778d3d1ae,2024-10-11T15:15:06.500000 -CVE-2024-9894,1,1,e4e640fa9b528f08dc5c5d33be8f6b79ae250b3934762a705b5583518e0f59c7,2024-10-12T13:15:13.737000 +CVE-2024-9894,0,0,e4e640fa9b528f08dc5c5d33be8f6b79ae250b3934762a705b5583518e0f59c7,2024-10-12T13:15:13.737000