Orange Business Services
Vigil@nce Vigil@nce Vigil@nce
we track for your security since 1999
 home presentation vulnerabilities documentation contact  
subscriber area subscriber area
free access free access

The Vigil@nce team watches vulnerabilities impacting your computers, and then offers solutions, a database and tools to correct them.

Each user customizes the list of software to track.

As soon as Vigil@nce publishes an alert for one of his software, the user receives a bulletin, containing an helpful explanation of the threat, its patches and workarounds.

The administrator then uses the online Vigil@nce diary in order to plan and track the security process.

Our offer...
public vulnerabilities
2 Joomla JChatSocial: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Joomla JChatSocial, in order to execute JavaScript code in the context of the web site...
2 python-lz4: memory corruption
An attacker can generate a memory corruption of python-lz4, in order to trigger a denial of service, and possibly to execute code...
2 Horde: multiple vulnerabilities
An attacker can use several vulnerabilities of Horde...
2 Linux kernel: privilege escalation via ptrace SYSRET RIP
A local attacker can use ptrace, SYSRET and RIP on a Linux kernel installed on x86_64, in order to escalate his privileges...
1 McAfee Web Gateway: password hash disclosure
An attacker, who is allowed to see the Accounts tab, can obtain the hash of administrators' passwords of McAfee Web Gateway, in order to perform a brute force...
1 Apache httpd: denial of service via mod_cgid
An attacker, who is allowed to upload a malicious CGI script on the server, can block mod_cgid of Apache httpd, in order to trigger a denial of service...
1 Drupal Password Policy: multiple vulnerabilities
An attacker can use several vulnerabilities of Drupal Password Policy...
2 McAfee Application Control: code execution
An attacker can create a malicious program, which is not detected by McAfee Application Control...
2 Cisco IOS XR: denial of service via Punt Policer
An attacker can send malicious packets to Cisco IOS XR, in order to trigger a denial of service in Punt Policer...
2 WordPress wp-ttisbdir: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress wp-ttisbdir, in order to execute JavaScript code in the context of the web site...
   recent vulnerabilities
3 NSS: multiple vulnerabilities
An attacker can use several vulnerabilities of NSS...
4 Firefox, Thunderbird, SeaMonkey: multiple vulnerabilities
An attacker can use several vulnerabilities of Firefox, Thunderbird and SeaMonkey...
2 Exim: code execution via Double Expansion
A local attacker can edit a configuration file he has access to, in order to execute code with Exim privileges...
3 Apache httpd: denial of service via mod_proxy
An attacker can send a malicious query to mod_proxy of Apache httpd, in order to trigger a denial of service...
2 WordPress Gallery Objects: SQL injection
An attacker can use a SQL injection of WordPress Gallery Objects, in order to read or alter data...
2 Apache Xerces Java: denial of service via hash collision
An attacker can send data generating storage collisions, in order to overload a service...
2 Apache Xerces-C++: denial of service via hash collision
An attacker can send data generating storage collisions, in order to overload a service...
2 CUPS: privilege escalation via RSS
An attacker, member of the lp group, can create a symbolic link, and then read the RSS feed of CUPS, in order to escalate his privileges...
2 Nessus Web UI: information disclosure via server/properties
An attacker can access to /server/properties of Nessus Web UI, in order to obtain sensitive information...
2 MIT krb5: denial of service of GSSAPI
An attacker can use several vulnerabilities of MIT krb5...


Vulnerabilities are discovered daily and published on thousands of internet information sources.
Vigil@nce describes these vulnerabilities and how to protect your system. This information is customized according to your environment, it is available on a web site and sent by e-mail alerts.
Your team secures and protects your networks based on Vigil@nce information and tools.

your environment

  • a database describing more than 20000 vulnerabilities and their 30000 solutions
  • a web space where each user defines his preferences
  • alert and synthesis e-mails, to inform your teams
  • a customized tracking of your software and systems
  • a diary to plan solutions to install, and to monitor the security process of each computer
  • a manager view, and customized reports

your benefits

  • a customized watch on computer vulnerabilities and their solutions
  • an experienced team at your service for more than 14 years
  • a tool to monitor the security process of your networks and computers
  • a CVE compatible solution
  • a time saving for your team which concentrates on important tasks



















Copyright 1999-2014 Vigil@nce. Vigil@nce is a service from Orange Business Services. Site map. Legal notice. Version française