The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Each user customizes the list of software to track.

As soon as Vigil@nce publishes an alert for one of his software, the user receives a bulletin, containing an helpful explanation of the threat, its patches and workarounds.

The administrator then uses the online Vigil@nce diary in order to plan and track the security process.

Our offer...
public vulnerabilities
2 Cisco NX-OS: escape to the system shell
An attacker can use special characters in commands for Cisco NX-OS, in order to get a system shell...
2 Cisco Adaptive Security Appliance: denial of service via SNMP
An attacker can send malicious SNMP packets to Cisco Adaptive Security Appliance, in order to trigger a denial of service...
1 Mozilla NSS: disabling Forward Secrecy of ECDHE_ECDSA
An attacker can act as a Man-in-the-middle on an ECDHE_ECDSA exchange with a Mozilla NSS client, in order to disable the Forward Secrecy, which may ease the session decryption...
1 Linux kernel: infinite loop of perf_callchain_user_64
A local attacker can create a program with a malicious stack layout, in order to generate an infinite loop in the perf_callchain_user_64() function of the Linux kernel...
2 TYPO3 Core: six vulnerabilities
An attacker can use several vulnerabilities of TYPO3...
1 Linux kernel: descriptor leak via VHOST_SET_LOG_FD
A privileged local attacker, accessing to /dev/vhost-net, can create a descriptor leak via VHOST_SET_LOG_FD on the Linux kernel, in order to trigger a denial of service...
2 Drupal Views Bulk Operations: privilege escalation
An attacker can use the account list of Drupal Views Bulk Operations, in order to escalate his privileges...
2 Drupal Migrate: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Drupal Migrate, in order to execute JavaScript code in the context of the web site...
2 Joomla swMenuFree: wrong directory permission
An attacker can browse the directories created with unsuitable permissions by Joomla swMenuFree, in order to get sensitive information...
2 Magento: Cross Site Scripting of description
An attacker can trigger a persistent Cross Site Scripting in a description field of Magento, in order to execute JavaScript code in the context of the web site...
  
recent vulnerabilities
2 WordPress WPML: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress WPML, in order to run JavaScript code in the context of the web site...
3 Joomla Content Editor: file upload
An attacker can upload a malicious file on Joomla Content Editor, in order for example to upload a Trojan...
2 Ruggedcom ROS: packet transmission between VLAN
An attacker can use the IP Forwarding feature of Ruggedcom ROS, in order to send a packet to another VLAN...
4 Google Chrome: multiple vulnerabilities
An attacker can use several vulnerabilities of Google Chrome...
2 F-Secure Anti-Virus: privilege escalation via FSGK.SYS
A local attacker can use the FSGK.SYS driver of F-Secure Anti-Virus, in order to escalate his privileges...
1 Cisco NX-OS: denial of service via ARP
An attacker can send a malicious ARP packet to Cisco NX-OS, in order to trigger a denial of service...
2 WordPress WatuPRO: two vulnerabilities
An attacker can use several vulnerabilities of WordPress WatuPRO...
2 Fortinet FortiClient: four vulnerabilities
An attacker can use several vulnerabilities of Fortinet FortiClient...
2 HP LoadRunner Controller: buffer overflow of LRS
An attacker can generate a buffer overflow with a LRS file on HP LoadRunner Controller, in order to trigger a denial of service, and possibly to run code...
1 Xen: denial of service via xenmem_add_to_physmap_one
A local privileged attacker can call xenmem_add_to_physmap_one() on Xen, in order to trigger a denial of service...


Vulnerabilities are discovered daily and published on thousands of internet information sources.
Vigil@nce describes these vulnerabilities and how to protect your system. This information is customized according to your environment, it is available on a web site and sent by e-mail alerts.
Your team secures and protects your networks based on Vigil@nce information and tools.

your environment

  • a database describing more than 25000 vulnerabilities and their 40000 solutions
  • a web space where each user defines his preferences
  • alert and synthesis e-mails, to inform your teams
  • a customized tracking of your software and systems
  • a diary to plan solutions to install, and to monitor the security process of each computer
  • a manager view, and customized reports

your benefits

  • a customized watch on computer vulnerabilities and their solutions
  • an experienced team at your service for more than 16 years
  • a tool to monitor the security process of your networks and computers
  • a CVE compatible solution
  • a time saving for your team which concentrates on important tasks