VYPR

NiceHash Miner

by Nicehash

CVEs (3)

  • CVE-2019-6120HigNov 6, 2019
    risk 0.49cvss 7.5epss 0.02

    An issue was discovered in NiceHash Miner before 2.0.3.0. A missing rate limit while adding a wallet via Email address allows remote attackers to submit a large number of email addresses to identify valid ones. By exploiting this vulnerability with CVE-2019-6122 (Username…

  • CVE-2019-6121LowNov 6, 2019
    risk 0.24cvss 3.7epss 0.01

    An issue was discovered in NiceHash Miner before 2.0.3.0. Missing Authorization allows an adversary to can gain access to a miner's information about such as his recent payments, unclaimed Balance, Old Balance (at the time of December 2017 breach) , Projected payout, Mining…

  • CVE-2019-6122LowNov 6, 2019
    risk 0.20cvss 3.1epss 0.01

    A Username Enumeration via Error Message issue was discovered in NiceHash Miner before 2.0.3.0 because an "EMAIL DOES NOT EXIST" error message occurs whenever a submitted email address is incorrect, but there is a different error message for invalid credentials with a correct…