Orange Applications for Business
Vigil@nce Vigil@nce Vigil@nce
analyzing computer vulnerabilities since 1999
 home presentation vulnerabilities documentation contact  
subscriber area subscriber area
free trial free trial



The Vigil@nce team watches vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Each user customizes the list of software to track.

As soon as Vigil@nce publishes an alert for one of his software, the user receives a bulletin, containing an helpful explanation of the threat, its patches and workarounds.

The administrator then uses the online Vigil@nce diary in order to plan and track the security process.

Our offer...
public vulnerabilities
2 Junos: denial of service via BGP FlowSpec
An attacker can send a malicious BGP FlowSpec packet to Junos, in order to trigger a denial of service...
2 Junos: denial of service via OSPFv3 IPsec AH
An attacker can send a malicious OSPFv3 with IPsec AH packet to Junos, in order to trigger a denial of service...
2 Junos: privilege escalation via TACACS
An authenticated attacker can run Junos command which are forbidden, in order to escalate his privileges...
2 Junos: rule bypassing on Trio-based PFE
An attacker can send malicious streams to Trio-based PFE of Junos, in order to bypass firewall rules...
2 Junos: denial of service via PAP Authenticate-Request
An attacker can send a malicious PAP Authenticate-Request packet to Junos, in order to trigger a denial of service...
2 AIX: privilege escalation via LVM lquerylv
A local attacker can use lquerylv of AIX, in order to escalate his privileges...
2 GNU patch: directory traversal via symlink
An attacker can transmit to the victim a malicious diff file, to traverse directories of patch, in order to create a file outside the current directory...
1 Cisco Ironport: privilege escalation via Service Account
A local privileged attacker can connect to the Service Account of Cisco Ironport, in order to escalate his privileges...
2 WordPress Simple Security: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress Simple Security, in order to execute JavaScript code in the context of the web site...
3 NetBSD ftp, FreeBSD ftp: code execution via HTTP redirect
An attacker who controls a HTTP server can send redirections to the ftp tool of NetBSD and FreeBSD, in order to make it run an arbitrary shell command...
   recent vulnerabilities
2 WordPress Photo Gallery: SQL injection
An attacker can use a SQL injection of WordPress Photo Gallery, in order to read or alter data...
2 Linux kernel: use after free via SCTP INIT
An attacker can force the usage of a freed memory area via SCTP INIT packets sent to the Linux kernel, in order to trigger a denial of service, and possibly to execute code...
1 Linux kernel: information disclosure via handle_to_path
A local attacker can read a memory fragment via a call to handle_to_path() on the Linux kernel, in order to obtain sensitive information...
1 Xen: denial of service via vgic ARM
A local attacker can use vgic of Xen, in order to trigger a denial of service on ARM...
3 glibc: use after free via getaddrinfo AI_IDN
An attacker can force the usage of a freed memory area in applications using getaddrinfo() of the glibc, in order to trigger a denial of service, and possibly to execute code...
2 glibc: denial of service via getaddrinfo File Descriptors
An attacker can force an application using getaddrinfo() to resolve an address, to write data partially controlled by the attacker to a bad file descriptor, in order to trigger a denial of service or to write data on the file system...
2 Fortinet FortiOS: multiple vulnerabilities of CAPWAP
An attacker can use several vulnerabilities of CAPWAP of Fortinet FortiOS...
2 Fortinet FortiClient: two vulnerabilities
An attacker can use several vulnerabilities of Fortinet FortiClient...
2 Drupal Certify: information disclosure
An attacker can use Drupal Certify, in order to obtain sensitive information...
2 Drupal Node Invite: multiple vulnerabilities
An attacker can use several vulnerabilities of Drupal Node Invite...


Vulnerabilities are discovered daily and published on thousands of internet information sources.
Vigil@nce describes these vulnerabilities and how to protect your system. This information is customized according to your environment, it is available on a web site and sent by e-mail alerts.
Your team secures and protects your networks based on Vigil@nce information and tools.

your environment

  • a database describing more than 20000 vulnerabilities and their 35000 solutions
  • a web space where each user defines his preferences
  • alert and synthesis e-mails, to inform your teams
  • a customized tracking of your software and systems
  • a diary to plan solutions to install, and to monitor the security process of each computer
  • a manager view, and customized reports

your benefits

  • a customized watch on computer vulnerabilities and their solutions
  • an experienced team at your service for more than 14 years
  • a tool to monitor the security process of your networks and computers
  • a CVE compatible solution
  • a time saving for your team which concentrates on important tasks



















Copyright 1999-2015 Vigil@nce. Vigil@nce is a service from Orange Applications for Business. Site map. Legal notice. Version française