Orange Business Services
Vigil@nce Vigil@nce Vigil@nce
we track for your security since 1999
 home presentation vulnerabilities documentation contact  
subscriber area subscriber area
free access free access

The Vigil@nce team watches vulnerabilities impacting your computers, and then offers solutions, a database and tools to correct them.

Each user customizes the list of software to track.

As soon as Vigil@nce publishes an alert for one of his software, the user receives a bulletin, containing an helpful explanation of the threat, its patches and workarounds.

The administrator then uses the online Vigil@nce diary in order to plan and track the security process.

Our offer...
public vulnerabilities
2 Cisco IOS XR: denial of service via ICMPv6 Redirect
An attacker can send ICMPv6 Redirect packets to Cisco IOS XR, in order to trigger a denial of service of IPv4 and IPv6 streams...
2 Cisco IOS, IOS XE: denial of service via IKE Main Mode
An attacker can send IKE Main Mode packets to Cisco IOS or IOS XE, in order to trigger a denial of service...
2 PolarSSL: accepting a certificate expired in its timezone
An attacker can create a malicious certificate, which is accepted as valid by PolarSSL, in order to invite the victim to connect to a server setup as a Man-in-the-Middle...
2 PolarSSL: accepting a certificate not yet valid
An attacker can create a malicious certificate, which is accepted as valid by PolarSSL, in order to invite the victim to connect to a server setup as a Man-in-the-Middle...
2 PolarSSL: accepting a certificate with a CA not authorized for server
An attacker can create a malicious certificate, which is accepted as valid by PolarSSL, in order to invite the victim to connect to a server setup as a Man-in-the-Middle...
2 PolarSSL: accepting a certificate with a CA not authorized to handshake
An attacker can create a malicious certificate, which is accepted as valid by PolarSSL, in order to invite the victim to connect to a server setup as a Man-in-the-Middle...
2 GnuTLS: accepting a certificate self-signed
An attacker can create a malicious certificate, which is accepted as valid by GnuTLS, in order to invite the victim to connect to a server setup as a Man-in-the-Middle...
2 GnuTLS: accepting a certificate with an unknown critical extension
An attacker can create a malicious certificate, which is accepted as valid by GnuTLS, in order to invite the victim to connect to a server setup as a Man-in-the-Middle...
2 GnuTLS: accepting a certificate with a CA not authorized for server
An attacker can create a malicious certificate, which is accepted as valid by GnuTLS, in order to invite the victim to connect to a server setup as a Man-in-the-Middle...
2 GnuTLS: accepting a certificate with a CA not authorized to handshake
An attacker can create a malicious certificate, which is accepted as valid by GnuTLS, in order to invite the victim to connect to a server setup as a Man-in-the-Middle...
   recent vulnerabilities
2 Nagios: shell command execution via NRPE
An attacker can request Nagios NRPE to execute a plugin with a special parameter, in order to execute a shell command on the server...
2 json-c: two vulnerabilities
An attacker can use several vulnerabilities of json-c...
2 WordPress SEO Plugin LiveOptim: Cross Site Request Forgery
An attacker can trigger a Cross Site Request Forgery of WordPress SEO Plugin LiveOptim, in order to force the victim to perform operations...
2 Openfire: denial of service via XMPP
An attacker can generate a highly compressed XMPP message, and then send it to Openfire, in order to trigger a denial of service...
3 HP LoadRunner: multiple vulnerabilities of Virtual User Generator
An attacker can use several vulnerabilities of Virtual User Generator of HP LoadRunner...
2 Drupal core: information disclosure via Form State
An attacker can use forms of modules using the Form State API, in order to obtain sensitive information...
2 Drupal Block Search: SQL injection
An attacker can use a SQL injection of Drupal Block Search, in order to read or alter data...
3 Bouncy Castle: bypassing TLS Server client-auth
An attacker can offer an invalid client certificate to the DTSL/TLS server of Bouncy Castle, in order to bypass the authentication...
2 Joomla com_wrapper: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Joomla com_wrapper, in order to execute JavaScript code in the context of the web site...
2 Joomla com_smf: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Joomla com_smf, in order to execute JavaScript code in the context of the web site...


Vulnerabilities are discovered daily and published on thousands of internet information sources.
Vigil@nce describes these vulnerabilities and how to protect your system. This information is customized according to your environment, it is available on a web site and sent by e-mail alerts.
Your team secures and protects your networks based on Vigil@nce information and tools.

your environment

  • a database describing more than 20000 vulnerabilities and their 30000 solutions
  • a web space where each user defines his preferences
  • alert and synthesis e-mails, to inform your teams
  • a customized tracking of your software and systems
  • a diary to plan solutions to install, and to monitor the security process of each computer
  • a manager view, and customized reports

your benefits

  • a customized watch on computer vulnerabilities and their solutions
  • an experienced team at your service for more than 14 years
  • a tool to monitor the security process of your networks and computers
  • a CVE compatible solution
  • a time saving for your team which concentrates on important tasks



















Copyright 1999-2014 Vigil@nce. Vigil@nce is a service from Orange Business Services. Site map. Legal notice. Version française