Miner@* Security Vulnerabilities and Issues — Miner@* CVE List

Lucene search

NicehashMiner*

3 matches found

CVE•added 2019/11/06 6:15 p.m.•48 views

CVE-2019-6122

A Username Enumeration via Error Message issue was discovered in NiceHash Miner before 2.0.3.0 because an "EMAIL DOES NOT EXIST" error message occurs whenever a submitted email address is incorrect, but there is a different error message for invalid credentials with a correct email address.

4.3CVSS5.3AI score0.00356EPSS

CVE•added 2019/11/06 6:15 p.m.•46 views

CVE-2019-6120

An issue was discovered in NiceHash Miner before 2.0.3.0. A missing rate limit while adding a wallet via Email address allows remote attackers to submit a large number of email addresses to identify valid ones. By exploiting this vulnerability with CVE-2019-6122 (Username Enumeration) an adversary ...

7.5CVSS4.3AI score0.00508EPSS

CVE•added 2019/11/06 6:15 p.m.•41 views

CVE-2019-6121

An issue was discovered in NiceHash Miner before 2.0.3.0. Missing Authorization allows an adversary to can gain access to a miner's information about such as his recent payments, unclaimed Balance, Old Balance (at the time of December 2017 breach) , Projected payout, Mining stats like profitability...

4.3CVSS4.2AI score0.00327EPSS