Orange Applications for Business
Vigil@nce Vigil@nce Vigil@nce
analyzing computer vulnerabilities since 1999
 home presentation vulnerabilities documentation contact  
subscriber area subscriber area
free trial free trial



The Vigil@nce team watches vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Each user customizes the list of software to track.

As soon as Vigil@nce publishes an alert for one of his software, the user receives a bulletin, containing an helpful explanation of the threat, its patches and workarounds.

The administrator then uses the online Vigil@nce diary in order to plan and track the security process.

Our offer...
public vulnerabilities
2 Cisco Web Security Appliance: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Cisco Web Security Appliance, in order to execute JavaScript code in the context of the web site...
2 Drupal Term Queue: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Drupal Term Queue, in order to execute JavaScript code in the context of the web site...
2 Drupal Navigate: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Drupal Navigate, in order to execute JavaScript code in the context of the web site...
2 Drupal Panopoly Magic: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Drupal Panopoly Magic, in order to execute JavaScript code in the context of the web site...
2 Zend Framework: SQL injection of PostgreSQL Zend\Db
An attacker can use a SQL injection in PostgreSQL Zend\Db of Zend Framework, in order to read or alter data...
2 Squid cache: three vulnerabilities
An attacker can use several vulnerabilities of Squid cache...
2 BIND: denial of service via DNSSEC Trust Anchor
An attacker can invite BIND to perform a DNSSEC validation, in order to trigger a denial of service...
3 Internet Explorer: use after free via display run-in
An attacker can force the usage of a freed memory area via display:run-in on Internet Explorer, in order to trigger a denial of service, and possibly to execute code...
2 JDOM: two vulnerabilities
An attacker can use several vulnerabilities of JDOM...
1 GnuPG: key detection by LLC cache
An attacker, who is located in a virtual machine of a computer performing operations with GnuPG on chosen messages, can analyze the LLC of this computer, in order to guess a decryption key...
   recent vulnerabilities
2 WordPress All In One WP Security & Firewall: Cross Site Request Forgery
An attacker can trigger a Cross Site Request Forgery of WordPress All In One WP Security & Firewall, in order to force the victim to perform operations...
2 WordPress All In One WP Security & Firewall: SQL injection
An attacker can use a SQL injection of WordPress All In One WP Security & Firewall, in order to read or alter data...
2 Squid: HTTP header injection
An attacker can inject HTTP headers in Squid, in order to inject or read data...
2 Cisco IOS XE: adding entries via of ANI
An attacker can send ANI messages to Cisco IOS XE, in order to alter the configuration...
2 Cisco IOS, XE: denial of service via RADIUS
An attacker can send a malicious RADIUS packet to Cisco IOS, or IOS XE, in order to trigger a denial of service...
2 Cisco IOS XR: denial of service via SNMPv2
An attacker can send a malicious SNMPv2 packet to Cisco IOS XR, in order to trigger a denial of service...
2 Windows Schannel: weakening TLS encryption via FREAK
An attacker, located as a Man-in-the-Middle, can force the Windows Schannel client to accept a weak export algorithm, in order to more easily capture or alter exchanged data...
2 SIMATIC: code execution via a DLL
An attacker can create a malicious DLL, and store it in a directory and invite the victim to open a SIMATIC document from this directory, in order to execute code...
2 SIMATIC S7-300: denial of service via ISO-TSAP/Profibus
An attacker can send a malicious ISO-TSAP packet to SIMATIC S7-300, in order to trigger a denial of service...
2 pfSense: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of pfSense, in order to execute JavaScript code in the context of the web site...


Vulnerabilities are discovered daily and published on thousands of internet information sources.
Vigil@nce describes these vulnerabilities and how to protect your system. This information is customized according to your environment, it is available on a web site and sent by e-mail alerts.
Your team secures and protects your networks based on Vigil@nce information and tools.

your environment

  • a database describing more than 20000 vulnerabilities and their 35000 solutions
  • a web space where each user defines his preferences
  • alert and synthesis e-mails, to inform your teams
  • a customized tracking of your software and systems
  • a diary to plan solutions to install, and to monitor the security process of each computer
  • a manager view, and customized reports

your benefits

  • a customized watch on computer vulnerabilities and their solutions
  • an experienced team at your service for more than 14 years
  • a tool to monitor the security process of your networks and computers
  • a CVE compatible solution
  • a time saving for your team which concentrates on important tasks



















Copyright 1999-2015 Vigil@nce. Vigil@nce is a service from Orange Applications for Business. Site map. Legal notice. Version française