Orange Business Services
Vigil@nce Vigil@nce Vigil@nce
analyzing computer vulnerabilities since 1999
 home presentation vulnerabilities documentation contact  
subscriber area subscriber area
free access free access

The Vigil@nce team watches vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Each user customizes the list of software to track.

As soon as Vigil@nce publishes an alert for one of his software, the user receives a bulletin, containing an helpful explanation of the threat, its patches and workarounds.

The administrator then uses the online Vigil@nce diary in order to plan and track the security process.

Our offer...
public vulnerabilities
2 libxml2: infinite loop via entities
An attacker can create malformed XML data, in order to generate a denial of service in applications linked to libxml2...
2 SAP: spoofing signature
An attacker can sign malicious SAP documents, in order to deceive recipients...
2 SAP Netweaver: denial of service via Enqueue Server
An attacker can send a malicious Enqueue Server packet to SAP Netweaver, in order to trigger a denial of service...
2 HP Operations Manager: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of HP Operations Manager, in order to execute JavaScript code in the context of the web site...
2 Drupal Open Atrium Core: information disclosure
An attacker can use Drupal Open Atrium Core, in order to obtain sensitive information...
2 Drupal CKEditor: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Drupal CKEditor, in order to execute JavaScript code in the context of the web site...
2 Cisco Prime Optical: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Cisco Prime Optical, in order to execute JavaScript code in the context of the web site...
2 OpenSSL: memory leak via Session Ticket
An attacker can use a malicious Session Ticket, to create a memory leak in OpenSSL, in order to trigger a denial of service...
2 OpenSSL: memory leak via SRTP
An attacker can create a memory leak in OpenSSL compiled by default with SRTP, in order to trigger a denial of service...
4 Firefox, Thunderbird, SeaMonkey: multiple vulnerabilities
An attacker can use several vulnerabilities of Firefox, Thunderbird and SeaMonkey...
   recent vulnerabilities
3 GNU binutils: multiple vulnerabilities
An attacker can use several vulnerabilities of GNU binutils...
1 Linux kernel: denial of service via a deadlock in the directory cache
An attacker can trigger a deadlock in the code that implements the cache of directories in the Linux kernel, in order to trigger a denial of service...
3 IBM Rational Application Developer: code execution via Liberty
An attacker can spoof a Liberty repository used by IBM Rational Application Developer, in order to execute code...
2 Fortinet FortiAnalyzer, FortiManager: multiple vulnerabilities
An attacker can use several XSS vulnerabilities of Fortinet FortiAnalyzer and FortiManager...
2 Cisco Unified Communications Manager: SQL injection
An attacker can use a SQL injection of Cisco Unified Communications Manager, in order to read or alter data...
2 Cisco Unified Communications Manager: multiple Cross Site Scripting
An attacker can trigger multiple Cross Site Scripting in Cisco Unified Communications Manager, in order to execute JavaScript code in the context of the web site...
2 Joomla RD Download: SQL injection
An attacker can use a SQL injection of Joomla RD Download, in order to read or alter data...
2 ImageMagick: three buffer overflows
An attacker can use several vulnerabilities of ImageMagick...
2 Joomla Simple Email Form: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Joomla Simple Email Form, in order to execute JavaScript code in the context of the web site...
2 Drupal Commerce Authorize.Net SIM/DPM Payment Methods: fictitious payments
An attacker can forge the order number passed to Commerce Authorize.Net SIM/DPM Payment Methods for Drupal, in order to make a previous order wrongly considered payed...


Vulnerabilities are discovered daily and published on thousands of internet information sources.
Vigil@nce describes these vulnerabilities and how to protect your system. This information is customized according to your environment, it is available on a web site and sent by e-mail alerts.
Your team secures and protects your networks based on Vigil@nce information and tools.

your environment

  • a database describing more than 20000 vulnerabilities and their 35000 solutions
  • a web space where each user defines his preferences
  • alert and synthesis e-mails, to inform your teams
  • a customized tracking of your software and systems
  • a diary to plan solutions to install, and to monitor the security process of each computer
  • a manager view, and customized reports

your benefits

  • a customized watch on computer vulnerabilities and their solutions
  • an experienced team at your service for more than 14 years
  • a tool to monitor the security process of your networks and computers
  • a CVE compatible solution
  • a time saving for your team which concentrates on important tasks



















Copyright 1999-2014 Vigil@nce. Vigil@nce is a service from Orange Business Services. Site map. Legal notice. Version française