23 matches found
EUVD-2019-15688
Malware in sbrugna...
EUVD-2019-15687
Malware in sbrugna...
EUVD-2019-15689
Malware in sbrugna...
CVE-2019-6121
An issue was discovered in NiceHash Miner before 2.0.3.0. Missing Authorization allows an adversary to can gain access to a miner's information about such as his recent payments, unclaimed Balance, Old Balance at the time of December 2017 breach , Projected payout, Mining stats like profitability...
CVE-2019-6122
A Username Enumeration via Error Message issue was discovered in NiceHash Miner before 2.0.3.0 because an "EMAIL DOES NOT EXIST" error message occurs whenever a submitted email address is incorrect, but there is a different error message for invalid credentials with a correct email address...
CVE-2019-6120
An issue was discovered in NiceHash Miner before 2.0.3.0. A missing rate limit while adding a wallet via Email address allows remote attackers to submit a large number of email addresses to identify valid ones. By exploiting this vulnerability with CVE-2019-6122 Username Enumeration an adversary...
NiceHash Miner Excavator 1.6.7c Cross Site Request Forgery Vulnerability
NiceHash Miner Excavator versions 1.6.7c and below suffer from a cross site request forgery vulnerability. The issue enables any external web site to send commands to the local miner instance, and to redirect the mined coins to an arbitrary mining address. NiceHash Miner Excavator API Cross-Site...
Unspecified Vulnerability in NiceHash Miner
NiceHash Miner is a mining software for Bitcoin. A security vulnerability exists in NiceHash Miner versions prior to 2.0.3.0. The vulnerability can be exploited by an attacker to obtain user information with a valid email address...
NiceHash Miner Information Disclosure Vulnerability
NiceHash Miner is a mining software for Bitcoin. A security vulnerability exists in NiceHash Miner versions prior to 2.0.3.0. An attacker could exploit the vulnerability to enumerate user names...
NiceHash Miner Input Validation Error Vulnerability
NiceHash Miner is a mining software for Bitcoin. An input validation error vulnerability exists in NiceHash Miner versions prior to 2.0.3.0. The vulnerability stems from a network system or product that does not properly validate incoming data. No details of the vulnerability are provided at this...
CVE-2019-6121
An issue was discovered in NiceHash Miner before 2.0.3.0. Missing Authorization allows an adversary to can gain access to a miner's information about such as his recent payments, unclaimed Balance, Old Balance at the time of December 2017 breach , Projected payout, Mining stats like profitability...
CVE-2019-6121
An issue was discovered in NiceHash Miner before 2.0.3.0. Missing Authorization allows an adversary to can gain access to a miner's information about such as his recent payments, unclaimed Balance, Old Balance at the time of December 2017 breach , Projected payout, Mining stats like profitability...
CVE-2019-6122
A Username Enumeration via Error Message issue was discovered in NiceHash Miner before 2.0.3.0 because an "EMAIL DOES NOT EXIST" error message occurs whenever a submitted email address is incorrect, but there is a different error message for invalid credentials with a correct email address...
CVE-2019-6122
A Username Enumeration via Error Message issue was discovered in NiceHash Miner before 2.0.3.0 because an "EMAIL DOES NOT EXIST" error message occurs whenever a submitted email address is incorrect, but there is a different error message for invalid credentials with a correct email address...
CVE-2019-6120
An issue was discovered in NiceHash Miner before 2.0.3.0. A missing rate limit while adding a wallet via Email address allows remote attackers to submit a large number of email addresses to identify valid ones. By exploiting this vulnerability with CVE-2019-6122 Username Enumeration an adversary...
CVE-2019-6120
An issue was discovered in NiceHash Miner before 2.0.3.0. A missing rate limit while adding a wallet via Email address allows remote attackers to submit a large number of email addresses to identify valid ones. By exploiting this vulnerability with CVE-2019-6122 Username Enumeration an adversary...
Code injection
A Username Enumeration via Error Message issue was discovered in NiceHash Miner before 2.0.3.0 because an "EMAIL DOES NOT EXIST" error message occurs whenever a submitted email address is incorrect, but there is a different error message for invalid credentials with a correct email address...
Design/Logic Flaw
An issue was discovered in NiceHash Miner before 2.0.3.0. A missing rate limit while adding a wallet via Email address allows remote attackers to submit a large number of email addresses to identify valid ones. By exploiting this vulnerability with CVE-2019-6122 Username Enumeration an adversary...
Authorization
An issue was discovered in NiceHash Miner before 2.0.3.0. Missing Authorization allows an adversary to can gain access to a miner's information about such as his recent payments, unclaimed Balance, Old Balance at the time of December 2017 breach , Projected payout, Mining stats like profitability...
CVE-2019-6122
CVE-2019-6122 is a vulnerability in NiceHash Miner prior to 2.0.3.0 causing user enumeration through separate error messages: submitting a non-existent email triggers “EMAIL DOES NOT EXIST,” while valid emails with incorrect credentials yield a different error. This behavioral difference enables ...