Orange Applications for Business
Vigil@nce Vigil@nce Vigil@nce
analyzing computer vulnerabilities since 1999
 home presentation vulnerabilities documentation contact  
subscriber area subscriber area
free trial free trial



The Vigil@nce team watches vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Each user customizes the list of software to track.

As soon as Vigil@nce publishes an alert for one of his software, the user receives a bulletin, containing an helpful explanation of the threat, its patches and workarounds.

The administrator then uses the online Vigil@nce diary in order to plan and track the security process.

Our offer...
public vulnerabilities
3 Internet Explorer: use after free via display run-in
An attacker can force the usage of a freed memory area via display:run-in on Internet Explorer, in order to trigger a denial of service, and possibly to execute code...
2 JDOM: two vulnerabilities
An attacker can use several vulnerabilities of JDOM...
1 GnuPG: key detection by LLC cache
An attacker, who is located in a virtual machine of a computer performing operations with GnuPG on chosen messages, can analyze the LLC of this computer, in order to guess a decryption key...
2 Linux kernel: buffer overflow of ecryptfs_decode_from_filename
An attacker can generate a buffer overflow in the ecryptfs_decode_from_filename() function of the Linux kernel, in order to trigger a denial of service, and possibly to execute code...
1 GnuPG: key detection by radio listening
An attacker, who is located near a computer performing Elgamal operations with GnuPG on chosen messages, can listen radio signals from this computer, in order to guess a decryption key...
3 JasPer: two vulnerabilities of jpc_dec.c
An attacker can use several vulnerabilities of JasPer...
2 SIMATIC STEP 7: two vulnerabilities
An attacker can use several vulnerabilities of SIMATIC STEP 7...
2 TYPO3 Gridelements: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of TYPO3 Gridelements, in order to execute JavaScript code in the context of the web site...
2 Cisco ASA: access to a Tunnel Group
An authenticated attacker can bypass the Tunnel Group restriction of Cisco ASA, in order to escalate his privileges...
2 Cisco ASR 5000 System Architecture Evolution Gateway: infinite loop of SNMP
An attacker can generate an infinite loop in Cisco ASR 5000 System Architecture Evolution Gateway, in order to trigger a denial of service...
   recent vulnerabilities
2 SIMATIC: code execution via a DLL
An attacker can create a malicious DLL, and store it in a directory and invite the victim to open a SIMATIC document from this directory, in order to execute code...
2 SIMATIC S7-300: denial of service via ISO-TSAP/Profibus
An attacker can send a malicious ISO-TSAP packet to SIMATIC S7-300, in order to trigger a denial of service...
2 pfSense: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of pfSense, in order to execute JavaScript code in the context of the web site...
3 WordPress Ya'aburnee: privilege escalation via ec_ajax
An attacker can use admin-ajax.php with WordPress Ya'aburnee, in order to escalate his privileges...
3 WordPress Dignitas: privilege escalation via ec_ajax
An attacker can use admin-ajax.php with WordPress Dignitas, in order to escalate his privileges...
2 WordPress Contact Form DB: Cross Site Request Forgery
An attacker can trigger a Cross Site Request Forgery of WordPress Contact Form DB, in order to force the victim to perform operations...
2 Cisco Secure ACS: privilege escalation via Tomcat
An authenticated attacker can use the Tomcat administration interface of Cisco Secure ACS, in order to escalate his privileges...
2 Cisco IOS XR: denial of service via RSVP
An attacker can send a malicious RSVP packet to Cisco IOS XR, in order to trigger a denial of service...
2 F5 BIG-IP: buffer overflow of MCPQ
An attacker, authenticated as an administrator, can generate a buffer overflow in MCPQ of F5 BIG-IP, in order to trigger a denial of service, and possibly to execute code...
1 Xen: information disclosure via HYPERVISOR_xen_version
A local attacker can read a memory fragment via HYPERVISOR_xen_version() of Xen, in order to obtain sensitive information...


Vulnerabilities are discovered daily and published on thousands of internet information sources.
Vigil@nce describes these vulnerabilities and how to protect your system. This information is customized according to your environment, it is available on a web site and sent by e-mail alerts.
Your team secures and protects your networks based on Vigil@nce information and tools.

your environment

  • a database describing more than 20000 vulnerabilities and their 35000 solutions
  • a web space where each user defines his preferences
  • alert and synthesis e-mails, to inform your teams
  • a customized tracking of your software and systems
  • a diary to plan solutions to install, and to monitor the security process of each computer
  • a manager view, and customized reports

your benefits

  • a customized watch on computer vulnerabilities and their solutions
  • an experienced team at your service for more than 14 years
  • a tool to monitor the security process of your networks and computers
  • a CVE compatible solution
  • a time saving for your team which concentrates on important tasks



















Copyright 1999-2015 Vigil@nce. Vigil@nce is a service from Orange Applications for Business. Site map. Legal notice. Version française