Orange Applications for Business
Vigil@nce Vigil@nce Vigil@nce
analyzing computer vulnerabilities since 1999
 home presentation vulnerabilities documentation contact  
subscriber area subscriber area
free access free access

The Vigil@nce team watches vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Each user customizes the list of software to track.

As soon as Vigil@nce publishes an alert for one of his software, the user receives a bulletin, containing an helpful explanation of the threat, its patches and workarounds.

The administrator then uses the online Vigil@nce diary in order to plan and track the security process.

Our offer...
public vulnerabilities
1 Puppet Enterprise: multiple vulnerabilities
An attacker can use several vulnerabilities of Puppet Enterprise...
1 Linux kernel: infinite loop of isofs Rock Ridge CE
A local attacker can insert a malicious cdrom, to generate an infinite loop via isofs Rock Ridge CE on the Linux kernel, in order to trigger a denial of service...
1 Fine Free file: denial of service via ELF Strings
An attacker can force Fine Free file to analyze a malicious ELF file, in order to trigger a denial of service...
1 Fine Free file: denial of service via ELF Notes
An attacker can force Fine Free file to analyze a malicious ELF file, in order to trigger a denial of service...
2 OpenBSD: denial of service via PIPEX
An attacker can send a malicious PIPEX packet to OpenBSD, in order to trigger a denial of service...
2 VMware vCenter Server: invalid certificate check
An attacker can act as a Man-in-the-Middle of VMware vCenter Server, in order to obtain or alter information about the CIM service...
2 VMware vCenter Server Appliance: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of VMware vCenter Server Appliance, in order to execute JavaScript code in the context of the web site...
2 Qemu: memory corruption via cirrus
An attacker who is privileged in the guest system can generate a memory corruption in the host system via cirrus of Qemu, in order to trigger a denial of service, and possibly to execute code...
2 WordPress Cart66 Lite: SQL injection
An attacker can use a SQL injection of WordPress Cart66 Lite, in order to read or alter data...
2 procmail: buffer overflow of getlline
A local attacker can edit his ~/.procmailrc file, to generate a buffer overflow in the getlline() function of procmail, in order to trigger a denial of service, and possibly to execute code...
   recent vulnerabilities
3 NTP.org: multiple vulnerabilities
An attacker can use several vulnerabilities of NTP.org...
2 WordPress PictoBrowser: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress PictoBrowser, in order to execute JavaScript code in the context of the web site...
2 WordPress Post to Twitter: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress Post to Twitter, in order to execute JavaScript code in the context of the web site...
2 WordPress PWG Random: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress PWG Random, in order to execute JavaScript code in the context of the web site...
2 WordPress gSlideShow: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress gSlideShow, in order to execute JavaScript code in the context of the web site...
2 WordPress SimpleFlickr: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress SimpleFlickr, in order to execute JavaScript code in the context of the web site...
2 WordPress twimp-wp: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress twimp-wp, in order to execute JavaScript code in the context of the web site...
2 WordPress Simplelife: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress Simplelife, in order to execute JavaScript code in the context of the web site...
2 WordPress Twitter LiveBlog: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress Twitter LiveBlog, in order to execute JavaScript code in the context of the web site...
2 WordPress TweetScribe: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress TweetScribe, in order to execute JavaScript code in the context of the web site...


Vulnerabilities are discovered daily and published on thousands of internet information sources.
Vigil@nce describes these vulnerabilities and how to protect your system. This information is customized according to your environment, it is available on a web site and sent by e-mail alerts.
Your team secures and protects your networks based on Vigil@nce information and tools.

your environment

  • a database describing more than 20000 vulnerabilities and their 35000 solutions
  • a web space where each user defines his preferences
  • alert and synthesis e-mails, to inform your teams
  • a customized tracking of your software and systems
  • a diary to plan solutions to install, and to monitor the security process of each computer
  • a manager view, and customized reports

your benefits

  • a customized watch on computer vulnerabilities and their solutions
  • an experienced team at your service for more than 14 years
  • a tool to monitor the security process of your networks and computers
  • a CVE compatible solution
  • a time saving for your team which concentrates on important tasks



















Copyright 1999-2014 Vigil@nce. Vigil@nce is a service from Orange Applications for Business. Site map. Legal notice. Version française