VYPR

Harmony

by Apache

CVEs (2)

  • CVE-2025-56385Nov 12, 2025
    risk 0.00cvss epss 0.00

    A SQL injection vulnerability exists in the login functionality of WellSky Harmony version 4.1.0.2.83 within the 'xmHarmony.asp' endpoint. User-supplied input to the 'TXTUSERID' parameter is not properly sanitized before being incorporated into a SQL query. Successful…

  • CVE-2013-7372Apr 29, 2014
    risk 0.00cvss epss 0.02

    The engineNextBytes function in classlib/modules/security/src/main/java/common/org/apache/harmony/security/provider/crypto/SHA1PRNG_SecureRandomImpl.java in the SecureRandom implementation in Apache Harmony through 6.0M3, as used in the Java Cryptography Architecture (JCA) in…