Orange Business Services
Vigil@nce Vigil@nce Vigil@nce
analyzing computer vulnerabilities since 1999
 home presentation vulnerabilities documentation contact  
subscriber area subscriber area
free access free access

The Vigil@nce team watches vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Each user customizes the list of software to track.

As soon as Vigil@nce publishes an alert for one of his software, the user receives a bulletin, containing an helpful explanation of the threat, its patches and workarounds.

The administrator then uses the online Vigil@nce diary in order to plan and track the security process.

Our offer...
public vulnerabilities
1 Linux kernel: NULL pointer dereference via assoc_array
An attacker can force a NULL pointer to be dereferenced in the assoc_array feature of the Linux kernel, in order to trigger a denial of service...
2 PHP: use after free via SPL ArrayIterator
A local attacker can use a freed memory area in SPL ArrayIterator of PHP, in order to trigger a denial of service, and possibly to execute code...
2 Symfony: four vulnerabilities
An attacker can use several vulnerabilities of Symfony...
2 Splunk Enterprise: Cross Site Scripting of Referer Header
An attacker can trigger a Cross Site Scripting in Referer Header of Splunk Enterprise, in order to execute JavaScript code in the context of the web site...
2 WordPress EWWW Image Optimizer: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress EWWW Image Optimizer, in order to execute JavaScript code in the context of the web site...
2 WordPress All In One WP Security: SQL injection
An attacker can use a SQL injection of WordPress All In One WP Security, in order to read or alter data...
2 Drupal Avatar Uploader: information disclosure
An attacker can use Drupal Avatar Uploader, in order to obtain sensitive information...
1 Linux kernel: infinite loop of __udf_read_inode
An attacker can mount an UDF file system, to generate a large recursion in __udf_read_inode(), in order to trigger a denial of service of the Linux kernel...
2 WordPress WP Photo Album Plus: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress WP Photo Album Plus, in order to execute JavaScript code in the context of the web site...
2 WordPress Contact Form: Cross Site Request Forgery
An attacker can trigger a Cross Site Request Forgery of WordPress Contact Form, in order to force the victim to perform operations...
   recent vulnerabilities
2 Dotclear: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Dotclear, in order to execute JavaScript code in the context of the web site...
2 Asterisk: unreachable memory reading via res_fax_spandsp
An attacker can force a read at an invalid address in res_fax_spandsp of Asterisk, in order to trigger a denial of service...
2 Asterisk: unreachable memory reading via SIP SUBSCRIBE
An attacker can force a read at an invalid address in SIP SUBSCRIBE of Asterisk, in order to trigger a denial of service...
4 Internet Explorer: multiple vulnerabilities
An attacker can use several vulnerabilities of Internet Explorer...
3 Microsoft .NET: denial of service via hash collision
An attacker can send special queries to a service using Microsoft .NET, in order to trigger a denial of service...
2 Joomla AceSEF: SQL injection
An attacker can use a SQL injection of Joomla AceSEF, in order to read or alter data...
2 WordPress EWWW Image Optimizer: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress EWWW Image Optimizer, in order to execute JavaScript code in the context of the web site...
2 WordPress Contact Form DB: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress Contact Form DB, in order to execute JavaScript code in the context of the web site...
2 WordPress Google Calendar Events: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress Google Calendar Events, in order to execute JavaScript code in the context of the web site...
2 F5 BIG-IP Configuration: external XML entity injection
An attacker can transmit malicious XML data to BIG-IP Configuration or Enterprise Manager Configuration, in order to read a file, scan sites, or trigger a denial of service...


Vulnerabilities are discovered daily and published on thousands of internet information sources.
Vigil@nce describes these vulnerabilities and how to protect your system. This information is customized according to your environment, it is available on a web site and sent by e-mail alerts.
Your team secures and protects your networks based on Vigil@nce information and tools.

your environment

  • a database describing more than 20000 vulnerabilities and their 35000 solutions
  • a web space where each user defines his preferences
  • alert and synthesis e-mails, to inform your teams
  • a customized tracking of your software and systems
  • a diary to plan solutions to install, and to monitor the security process of each computer
  • a manager view, and customized reports

your benefits

  • a customized watch on computer vulnerabilities and their solutions
  • an experienced team at your service for more than 14 years
  • a tool to monitor the security process of your networks and computers
  • a CVE compatible solution
  • a time saving for your team which concentrates on important tasks



















Copyright 1999-2014 Vigil@nce. Vigil@nce is a service from Orange Business Services. Site map. Legal notice. Version française