Orange Applications for Business
Vigil@nce Vigil@nce Vigil@nce
analyzing computer vulnerabilities since 1999
 home presentation vulnerabilities documentation contact  
subscriber area subscriber area
free trial free trial



The Vigil@nce team watches vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Each user customizes the list of software to track.

As soon as Vigil@nce publishes an alert for one of his software, the user receives a bulletin, containing an helpful explanation of the threat, its patches and workarounds.

The administrator then uses the online Vigil@nce diary in order to plan and track the security process.

Our offer...
public vulnerabilities
2 OpenSSL: memory leak via hostname
An attacker can create a memory leak in the hostname extension of OpenSSL, in order to trigger a denial of service...
2 WordPress IP Blacklist Cloud: directory traversal
An attacker can traverse directories of WordPress IP Blacklist Cloud, in order to read a file outside the service root path...
2 WordPress WPML: three vulnerabilities
An attacker can use several vulnerabilities of WordPress WPML...
2 Zend Framework: Cross Site Request Forgery of Zend\Validator\Csrf
An attacker can trigger a Cross Site Request Forgery even if Zend\Validator\Csrf is used on Zend Framework, in order to force the victim to perform operations...
2 Xen: privilege escalation via VGA Backend
A local attacker can use the VGA Backend of Xen, in order to access to a guest system...
1 Qemu: infinite loop of PRDT
A local attacker can generate an infinite loop with PRDT data in Qemu, in order to trigger a denial of service...
2 ArcSight ESM: two vulnerabilities
An attacker can use several vulnerabilities of ArcSight ESM and Logger...
1 GnuTLS: incoherence of signature algorithms
An attacker can use an incoherent X.509 certificate with an application linked with GnuTLS, in order to weaken the security level...
2 Linux kernel: integer overflow of Infiniband
A local attacker can generate an integer overflow in the Infiniband implementation of the Linux kernel, in order to trigger a denial of service, and possibly to execute code...
1 GnuTLS: forgery of RSA PKCS #1 signature
An attacker can for example use MD5 to sign RSA PKCS #1 data of an application linked to GnuTLS, in order to more easily create a forged signature...
   recent vulnerabilities
2 GNU Libtasn1: buffer overflow of _asn1_ltostr
An attacker can generate a buffer overflow in _asn1_ltostr() of GNU Libtasn1, in order to trigger a denial of service, and possibly to execute code...
2 PHP: file creation via move_uploaded_file
An attacker can use the null character in move_uploaded_file() of PHP, in order to force the creation of a malicious file...
3 PHP: four vulnerabilities
An attacker can use several vulnerabilities of PHP...
2 WordPress Aspose DOC Exporter: directory traversal
An attacker can traverse directories of WordPress Aspose DOC Exporter, in order to read a file outside the service root path...
2 Joomla Gallery WD: SQL injection
An attacker can use a SQL injection of Joomla Gallery WD, in order to read or alter data...
2 Cisco Unified CM: directory traversal
An attacker can traverse directories of Cisco Unified CM, in order to read a file outside the service root path...
2 Python requests: manipulating Cookies
An attacker can use Python requests clients, in order to force a cookie or to read a cookie...
1 WebKitGTK+: late check of X.509 certificate
An attacker, owning a TLS server, can invite a WebKitGTK+ client to connect, in order to capture information about the client...
2 TYPO3 Neos: read-write access
An authenticated attacker can bypass access restrictions of TYPO3 Neos, in order to read or alter data of other editors...
3 Cisco NX-OS: command injection via DHCP POAP
An attacker can send a malicious DHCP packet to Cisco NX-OS, in order to execute privileged code...


Vulnerabilities are discovered daily and published on thousands of internet information sources.
Vigil@nce describes these vulnerabilities and how to protect your system. This information is customized according to your environment, it is available on a web site and sent by e-mail alerts.
Your team secures and protects your networks based on Vigil@nce information and tools.

your environment

  • a database describing more than 20000 vulnerabilities and their 35000 solutions
  • a web space where each user defines his preferences
  • alert and synthesis e-mails, to inform your teams
  • a customized tracking of your software and systems
  • a diary to plan solutions to install, and to monitor the security process of each computer
  • a manager view, and customized reports

your benefits

  • a customized watch on computer vulnerabilities and their solutions
  • an experienced team at your service for more than 16 years
  • a tool to monitor the security process of your networks and computers
  • a CVE compatible solution
  • a time saving for your team which concentrates on important tasks



















Copyright 1999-2015 Vigil@nce. Vigil@nce is a service from Orange Applications for Business. Site map. Legal notice. version française