Orange Business Services
Vigil@nce Vigil@nce Vigil@nce
analyzing computer vulnerabilities since 1999
 home presentation vulnerabilities documentation contact  
subscriber area subscriber area
free access free access

The Vigil@nce team watches vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Each user customizes the list of software to track.

As soon as Vigil@nce publishes an alert for one of his software, the user receives a bulletin, containing an helpful explanation of the threat, its patches and workarounds.

The administrator then uses the online Vigil@nce diary in order to plan and track the security process.

Our offer...
public vulnerabilities
2 WordPress Another WordPress Classifieds: SQL injection
An attacker can use a SQL injection of WordPress Another WordPress Classifieds, in order to read or alter data...
2 Cisco Unified Communications Manager: bypassing authentication of Remote Mobile Access
An attacker can use an X.509 certificate with a SAN field on Cisco Unified Communications Manager, in order to access to Remote Mobile Access...
2 GnuTLS: memory corruption via ECC
An attacker can generate a memory corruption via ECC of GnuTLS, in order to trigger a denial of service, and possibly to execute code...
2 ImageMagick: unreachable memory reading via PNG property.c
An attacker can create a malicious PNG image, to force a read at an invalid address in property.c of ImageMagick, in order to trigger a denial of service...
1 Qemu: unreachable memory reading via bits_per_pixel
An attacker can force a read at an invalid address in the bits_per_pixel() function of Qemu, in order to trigger a denial of service...
2 Office 2007: privilege escalation via IME Japanese
An attacker can use a vulnerability of the IME Japanese of Office 2007, in order to escalate his privileges...
2 Microsoft SharePoint: Cross Site Scripting of List
An authenticated attacker can trigger a Cross Site Scripting in Microsoft SharePoint, in order to execute JavaScript code in the context of other users...
2 Microsoft .NET: privilege escalation via .NET Remoting
An authenticated attacker can use .NET Remoting of Microsoft .NET, in order to escalate his privileges...
2 Windows: privilege escalation via Audio Service
A local attacker can use Audio Service of Windows, in order to escalate his privileges...
2 Windows 2003: privilege escalation via TCP/IP IOCTL
A local attacker can use a malicious TCP/IP IOCTL, to corrupt the memory of Windows 2003, in order to escalate his privileges...
   recent vulnerabilities
1 Xen: unreachable memory reading via REP MOVS
An attacker can force a read at an invalid address in REP MOVS of Xen, in order to trigger a denial of service...
1 Xen: denial of service via hypercall_xlat_continuation
An attacker can generate an error in hypercall_xlat_continuation() of Xen, in order to trigger a denial of service...
3 Centreon: two vulnerabilities
An attacker can use several vulnerabilities of Centreon...
2 TYPO3 WebDav for filemounts: information disclosure
An attacker can use TYPO3 WebDav for filemounts, in order to obtain sensitive information...
2 WordPress Apptha Video Gallery: two vulnerabilities
An attacker can use several vulnerabilities of WordPress Apptha Video Gallery...
2 WordPress db-backup: directory traversal
An attacker can traverse directories of WordPress db-backup, in order to read a file outside the service root path...
2 WordPress Sexy Squeeze Pages: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress Sexy Squeeze Pages, in order to execute JavaScript code in the context of the web site...
1 WordPress Html5 Mp3 Player with Playlist: information disclosure via playlist.php
An attacker can use playlist.php of WordPress Html5 Mp3 Player with Playlist, in order to obtain sensitive information...
2 mutt: integer overflow of mutt_substrdup
An attacker can generate an integer overflow in the mutt_substrdup() function of mutt, in order to trigger a denial of service, and possibly to execute code...
2 Cisco ASA: memory leak via SSL VPN
An attacker can create a memory leak in SSL VPN of Cisco ASA, in order to trigger a denial of service...


Vulnerabilities are discovered daily and published on thousands of internet information sources.
Vigil@nce describes these vulnerabilities and how to protect your system. This information is customized according to your environment, it is available on a web site and sent by e-mail alerts.
Your team secures and protects your networks based on Vigil@nce information and tools.

your environment

  • a database describing more than 20000 vulnerabilities and their 35000 solutions
  • a web space where each user defines his preferences
  • alert and synthesis e-mails, to inform your teams
  • a customized tracking of your software and systems
  • a diary to plan solutions to install, and to monitor the security process of each computer
  • a manager view, and customized reports

your benefits

  • a customized watch on computer vulnerabilities and their solutions
  • an experienced team at your service for more than 14 years
  • a tool to monitor the security process of your networks and computers
  • a CVE compatible solution
  • a time saving for your team which concentrates on important tasks



















Copyright 1999-2014 Vigil@nce. Vigil@nce is a service from Orange Business Services. Site map. Legal notice. Version française