<´╗┐img height="1" width="1" style="display:none;" alt="" src="https://dc.ads.linkedin.com/collect/?pid=112631&fmt=gif" />

WIND RIVER SECURITY CENTER

Wind River is committed to active threat monitoring, rapid assessment, proactive customer notification, and timely fixes. This page brings together useful resources to help you navigate an evolving threat landscape.

cve Resources

Access our searchable database of Common Vulnerabilities and Exposures (CVEs).

Search the database

Recent CVEs

  • CVE-2019-9978 | 2019-03-27

    The social-warfare plugin before 3.5.3 for WordPress has stored XSS via the wp-admin/admin-post.php?swp_debug=load_options swp_url parameter, as exploited in the wild in March 2019. This affects Social Warfare and Social Warfare Pro.

  • CVE-2019-9977 | 2019-03-25

    The renderer process in the entertainment system on Tesla Model 3 vehicles mishandles JIT compilation, which allows attackers to trigger firmware code execution, and display a crafted message to vehicle occupants.

  • CVE-2019-9976 | 2019-04-12

    The Boa server configuration on DASAN H660RM devices with firmware 1.03-0022 logs POST data to the /tmp/boa-temp file, which allows logged-in users to read the credentials of administration web interface users.

  • CVE-2019-9975 | 2019-04-12

    DASAN H660RM devices with firmware 1.03-0022 use a hard-coded key for logs encryption. Data stored using this key can be decrypted by anyone able to access this key.

SEARCH FOR PATCHES

Find and access all of
our patches in our
Product Documentation

public release keys

Wind River protocol includes the use of PGP keys to sign our software. Use this public release key to sign content from your project:

Linux

Vulnerability Notices

Wind River® is committed to active threat monitoring, rapid assessment and prioritization, proactive customer notification, and timely fixes. Check out the remediation information on some of the latest security vulnerabilities.

REPORT A VULNERABILITY

If you have information about a security issue or vulnerability with a Wind River product or technology, please send an email to security-alert@windriver.com.

Please provide as much information as possible, including:

  • The products and versions affected
  • Detailed description of the vulnerability
  • Information on known exploits

A member of the Wind River security team will review your email and work with you in resolving the issue.

RELATED RESOURCES