Vulnerabilities (CVE)

Filtered by vendor Sgminer Project Subscribe
Filtered by product Sgminer
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2014-4503 2 Cgminer Project, Sgminer Project 2 Cgminer, Sgminer 2024-11-21 4.3 MEDIUM N/A
The parse_notify function in util.c in sgminer before 4.2.2 and cgminer 3.3.0 through 4.0.1 allows man-in-the-middle attackers to cause a denial of service (application exit) via a crafted (1) bbversion, (2) prev_hash, (3) nbit, or (4) ntime parameter in a mining.notify action stratum message.
CVE-2014-4502 2 Bfgminer, Sgminer Project 2 Bfgminer, Sgminer 2024-11-21 10.0 HIGH N/A
Multiple heap-based buffer overflows in the parse_notify function in sgminer before 4.2.2, cgminer before 4.3.5, and BFGMiner before 4.1.0 allow remote pool servers to have unspecified impact via a (1) large or (2) negative value in the Extranonc2_size parameter in a mining.subscribe response and a crafted mining.notify request.
CVE-2014-4501 3 Bfgminer, Cgminer Project, Sgminer Project 3 Bfgminer, Cgminer, Sgminer 2024-11-21 10.0 HIGH N/A
Multiple stack-based buffer overflows in sgminer before 4.2.2, cgminer before 4.3.5, and BFGMiner before 3.3.0 allow remote pool servers to have unspecified impact via a long URL in a client.reconnect stratum message to the (1) extract_sockaddr or (2) parse_reconnect functions in util.c.