The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Each user customizes the list of software to track.

As soon as Vigil@nce publishes an alert for one of his software, the user receives a bulletin, containing an helpful explanation of the threat, its patches and workarounds.

The administrator then uses the online Vigil@nce diary in order to plan and track the security process.

Our offer...
public vulnerabilities
3 Samba: use after free via NetLogon
An unauthenticated attacker can force the usage of a freed memory area in NetLogon of Samba, in order to trigger a denial of service, and possibly to execute code with root privileges...
1 GnuPG: information disclosure via OpenPGP Format
An attacker, who can read an error message which occurs during the automatic decryption by GnuPG, can send numerous encrypted messages in order to progressively guess the content of the clear message...
1 Drupal Entityform Block: write access
An attacker can bypass access restrictions of Drupal Entityform Block, in order to alter data...
1 Drupal Dynamic display block: information disclosure
An attacker can read titles of contents of Drupal Dynamic display block, in order to obtain sensitive information...
3 Cisco IOS XR: denial of service via IPv6
An attacker can send a malicious IPv6 packet to Cisco IOS XR, in order to trigger a denial of service...
1 GnuTLS: accepting a MD5 signature
An attacker, who can generate a signature on the fly (unlikely), can use a weak algorithm (MD5) with applications linked to GnuTLS, in order to act as a Man-in-the-Middle...
3 FreeType: multiple vulnerabilities
An attacker can use several vulnerabilities of FreeType...
3 TYPO3 Core: bypassing authentication of rsaauth
An attacker can use the rsaauth extension of TYPO3 Core, in order to authenticate on a restricted frontend area...
1 WordPress Slideshow: information disclosure
An attacker can bypass access restrictions to data of WordPress Slideshow, in order to obtain sensitive information...
1 IBM DB2: information disclosure via monitoring/audit
An authenticated attacker can use the monitoring/audit feature of IBM DB2, in order to obtain sensitive information...
  
recent vulnerabilities
2 PostgreSQL: three vulnerabilities
An attacker can use several vulnerabilities of PostgreSQL...
2 Cisco Secure Access Control Server: denial of service via REST
An attacker can craft network traffic to the REST API of Cisco Secure Access Control Server, in order to trigger a denial of service...
2 WordPress church_admin: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress church_admin, in order to execute JavaScript code in the context of the web site...
2 WordPress Simple Photo Gallery: SQL injection
An attacker can use a SQL injection of WordPress Simple Photo Gallery, in order to read or alter data...
2 WordPress Landing Pages: two vulnerabilities
An attacker can use several vulnerabilities of WordPress Landing Pages...
2 WordPress NewStatPress: two vulnerabilities
An attacker can use several vulnerabilities of WordPress NewStatPress...
2 WordPress WP Membership: three vulnerabilities
An attacker can use several vulnerabilities of WordPress WP Membership...
2 WordPress GigPress: SQL injection
An attacker can use a SQL injection of WordPress GigPress, in order to read or alter data...
2 Drupal Aegir: code execution
An attacker in the same platform can upload code on Drupal Aegir, in order to execute code...
2 Drupal Navigate: two vulnerabilities
An attacker can use several vulnerabilities of Drupal Navigate...


Vulnerabilities are discovered daily and published on thousands of internet information sources.
Vigil@nce describes these vulnerabilities and how to protect your system. This information is customized according to your environment, it is available on a web site and sent by e-mail alerts.
Your team secures and protects your networks based on Vigil@nce information and tools.

your environment

  • a database describing more than 20000 vulnerabilities and their 35000 solutions
  • a web space where each user defines his preferences
  • alert and synthesis e-mails, to inform your teams
  • a customized tracking of your software and systems
  • a diary to plan solutions to install, and to monitor the security process of each computer
  • a manager view, and customized reports

your benefits

  • a customized watch on computer vulnerabilities and their solutions
  • an experienced team at your service for more than 16 years
  • a tool to monitor the security process of your networks and computers
  • a CVE compatible solution
  • a time saving for your team which concentrates on important tasks