Orange Business Services
Vigil@nce Vigil@nce Vigil@nce
analyzing computer vulnerabilities since 1999
 home presentation vulnerabilities documentation contact  
subscriber area subscriber area
free access free access

The Vigil@nce team watches vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Each user customizes the list of software to track.

As soon as Vigil@nce publishes an alert for one of his software, the user receives a bulletin, containing an helpful explanation of the threat, its patches and workarounds.

The administrator then uses the online Vigil@nce diary in order to plan and track the security process.

Our offer...
public vulnerabilities
2 Cisco IOS XE: invalid certificate validation with ANI
An attacker can send a message with an invalid certificate to ANI of Cisco IOS XE, in order to masquerade as another device...
2 Cisco IOS XE: injecting ACP routes in ANI
An attacker can send a RPL Advertisement message to inject ACP routes in Cisco IOS XE with ANI...
2 Cisco IOS XE: privilege escalation via ANI
An attacker can send an invalid message to ANI of Cisco IOS XE, in order to escalate his privileges...
2 IBM WebSphere MQ: bad filtering of CHLAUTH
An attacker can bypass CHLAUTH rules of IBM WebSphere MQ, in order to access to the service...
3 Apple QuickTime: memory corruption via MVHD
An attacker can generate a memory corruption via MVHD fields of an Apple QuickTime file, in order to trigger a denial of service, and possibly to execute code...
3 HP Data Protector: multiple vulnerabilities of crs.exe
An attacker can use several vulnerabilities of crs.exe of HP Data Protector...
2 Drupal OAuth2 Client: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Drupal OAuth2 Client, in order to execute JavaScript code in the context of the web site...
2 Drupal Nodeaccess: privilege escalation
An authenticated attacker can use Drupal Nodeaccess, in order to edit nodes...
2 Cisco IPS: infinite loop of MainApp
An attacker can use an incorrect authentication, to generate an infinite loop in MainApp of Cisco IPS, in order to trigger a denial of service...
2 Junos: multiple vulnerabilities
An attacker can use several vulnerabilities of Junos...
   recent vulnerabilities
2 Cisco IOS, XE: denial of service via CFM
An attacker can send a malicious CFM packet to Cisco IOS or IOS XE, in order to trigger a denial of service...
3 EMC Avamar: information disclosure
An attacker can use the Java API of EMC Avamar, in order to retrieve credentials of accounts MCUser et GSAN for monitored systems...
3 EMC Avamar: vulnerability of Password Storage
An attacker can use a brute force attack, in order to guess EMC Avamar passwords...
3 EMC NetWorker: information disclosure via NMMEDI
An attacker can use NMMEDI (Module for MEDITECH) of EMC NetWorker, in order to obtain sensitive information...
1 Linux kernel: denial of service via QEMU/KVM emulation
An attacker can use several vulnerabilities of KVM/QEMU, in order to trigger an host kernel panic...
2 SAP NetWeaver: denial of service via POST
An attacker can send a malicious POST query to SAP NetWeaver, in order to trigger a denial of service...
2 SAP NetWeaver HTTPd: denial of service via POST
An attacker can send a malicious POST query to SAP NetWeaver HTTPd, in order to trigger a denial of service...
2 SAP NetWeaver AS Java: external XML entity injection
An attacker can transmit malicious XML data to SAP NetWeaver AS Java, in order to read a file, scan sites, or trigger a denial of service...
2 SAProuter: integer overflow
An attacker can generate an integer overflow of SAProuter, in order to trigger a denial of service...
2 SAP HANA: SQL injection of metadata.xsjs
An attacker can use a SQL injection in metadata.xsjs of SAP HANA, in order to read or alter data...


Vulnerabilities are discovered daily and published on thousands of internet information sources.
Vigil@nce describes these vulnerabilities and how to protect your system. This information is customized according to your environment, it is available on a web site and sent by e-mail alerts.
Your team secures and protects your networks based on Vigil@nce information and tools.

your environment

  • a database describing more than 20000 vulnerabilities and their 35000 solutions
  • a web space where each user defines his preferences
  • alert and synthesis e-mails, to inform your teams
  • a customized tracking of your software and systems
  • a diary to plan solutions to install, and to monitor the security process of each computer
  • a manager view, and customized reports

your benefits

  • a customized watch on computer vulnerabilities and their solutions
  • an experienced team at your service for more than 14 years
  • a tool to monitor the security process of your networks and computers
  • a CVE compatible solution
  • a time saving for your team which concentrates on important tasks



















Copyright 1999-2014 Vigil@nce. Vigil@nce is a service from Orange Business Services. Site map. Legal notice. Version française