Nicehash
Products
3- 3 CVEs
- 1 CVE
- 0 CVEs
Recent CVEs
4| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-56513 | Cri | 0.64 | 9.8 | 0.00 | Sep 30, 2025 | NiceHash QuickMiner 6.12.0 perform software updates over HTTP without validating digital signatures or hash checks. An attacker capable of intercepting or redirecting traffic to the update url and can hijack the update process and deliver arbitrary executables that are… | ||
| CVE-2019-6120 | Hig | 0.49 | 7.5 | 0.02 | Nov 6, 2019 | An issue was discovered in NiceHash Miner before 2.0.3.0. A missing rate limit while adding a wallet via Email address allows remote attackers to submit a large number of email addresses to identify valid ones. By exploiting this vulnerability with CVE-2019-6122 (Username… | ||
| CVE-2019-6121 | Low | 0.24 | 3.7 | 0.01 | Nov 6, 2019 | An issue was discovered in NiceHash Miner before 2.0.3.0. Missing Authorization allows an adversary to can gain access to a miner's information about such as his recent payments, unclaimed Balance, Old Balance (at the time of December 2017 breach) , Projected payout, Mining… | ||
| CVE-2019-6122 | Low | 0.20 | 3.1 | 0.01 | Nov 6, 2019 | A Username Enumeration via Error Message issue was discovered in NiceHash Miner before 2.0.3.0 because an "EMAIL DOES NOT EXIST" error message occurs whenever a submitted email address is incorrect, but there is a different error message for invalid credentials with a correct… |
- risk 0.64cvss 9.8epss 0.00
NiceHash QuickMiner 6.12.0 perform software updates over HTTP without validating digital signatures or hash checks. An attacker capable of intercepting or redirecting traffic to the update url and can hijack the update process and deliver arbitrary executables that are…
- risk 0.49cvss 7.5epss 0.02
An issue was discovered in NiceHash Miner before 2.0.3.0. A missing rate limit while adding a wallet via Email address allows remote attackers to submit a large number of email addresses to identify valid ones. By exploiting this vulnerability with CVE-2019-6122 (Username…
- risk 0.24cvss 3.7epss 0.01
An issue was discovered in NiceHash Miner before 2.0.3.0. Missing Authorization allows an adversary to can gain access to a miner's information about such as his recent payments, unclaimed Balance, Old Balance (at the time of December 2017 breach) , Projected payout, Mining…
- risk 0.20cvss 3.1epss 0.01
A Username Enumeration via Error Message issue was discovered in NiceHash Miner before 2.0.3.0 because an "EMAIL DOES NOT EXIST" error message occurs whenever a submitted email address is incorrect, but there is a different error message for invalid credentials with a correct…