Orange Business Services
Vigil@nce Vigil@nce Vigil@nce
analyzing computer vulnerabilities since 1999
 home presentation vulnerabilities documentation contact  
subscriber area subscriber area
free access free access

The Vigil@nce team watches vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Each user customizes the list of software to track.

As soon as Vigil@nce publishes an alert for one of his software, the user receives a bulletin, containing an helpful explanation of the threat, its patches and workarounds.

The administrator then uses the online Vigil@nce diary in order to plan and track the security process.

Our offer...
public vulnerabilities
1 NetBSD: denial of service via modctl
A local attacker can use modctl of NetBSD, in order to trigger a denial of service...
1 NetBSD: multiple vulnerabilities of COMPAT_
An attacker can use several vulnerabilities of COMPAT_ of NetBSD...
1 QEMU: denial of service via vmstate_xhci_event
A local attacker can use vmstate_xhci_event of QEMU, in order to trigger a denial of service...
3 Exim: code execution via EXPERIMENTAL_DMARC
An attacker can send a malicious email to Exim compiled with EXPERIMENTAL_DMARC, in order to execute code...
2 IBM TSM Client: privilege escalation via SetUID
A local attacker can create a malicious library, which is loaded by a suid program of IBM TSM Client, in order to escalate his privileges...
2 IBM TSM for Space Management: read-write access via Backup-Archive
An attacker can bypass access restrictions of IBM TSM for Space Management files, in order to read or alter data...
2 WordPress ck-and-syntaxhighlighter: file upload
An attacker can upload a malicious file on WordPress ck-and-syntaxhighlighter, in order for example to upload a Trojan...
2 Cacti: SQL injection of graph_settings.php
An attacker can use a SQL injection in graph_settings.php of Cacti, in order to read or alter data...
2 BlackBerry Enterprise Service: information disclosure via activity log files
An attacker can trigger an error with Enterprise Instant Messenger of BlackBerry Enterprise Service, in order to obtain sensitive information...
1 Apache Subversion: information disclosure via MD5 Cache
A local attacker can trigger a MD5 collision in the cache of Apache Subversion, in order to obtain sensitive information...
   recent vulnerabilities
1 Sophos Disk Encryption: disk access after sleep mode
An attacker can wake up a sleeping computer with no authentication, in order to read or alter disk data, even if Sophos Disk Encryption is used...
3 WordPress Slideshow Gallery: file upload
An attacker can upload a malicious file on WordPress Slideshow Gallery, in order for example to upload a Trojan...
2 Net-SNMP: denial of service via snmptrapd
An attacker can send a malicious SNMP TRAP packet to snmptrapd of Net-SNMP with "-OQ", in order to trigger a denial of service...
1 Perl Clipboard: file corruption via clipedit
A local attacker can create a symbolic link named /tmp/clipedit$$, in order to alter the pointed file, with privileges of Perl Clipboard clipedit...
2 VMware: multiple vulnerabilities of vm-support
An attacker can use several vulnerabilities of vm-support of VMware...
2 IBM DB2: multiple vulnerabilities
An attacker can use several vulnerabilities of IBM DB2...
2 WordPress ShortCode: information disclosure via force-download.php
An attacker can use force-download.php of WordPress ShortCode, in order to obtain sensitive information...
3 pfSense: multiple vulnerabilities
An attacker can use several vulnerabilities of pfSense...
3 F5 BIG-IP: read-write access via ConfigSync
An unauthenticated attacker can connect to the ConfigSync service of F5 BIG-IP, in order to read or alter files, for example to log in as root via ssh...
2 MIT krb5: use after free via SPNEGO init_ctx_reselect
An attacker can use a freed memory area in SPNEGO init_ctx_reselect() of MIT krb5, in order to trigger a denial of service, and possibly to execute code...


Vulnerabilities are discovered daily and published on thousands of internet information sources.
Vigil@nce describes these vulnerabilities and how to protect your system. This information is customized according to your environment, it is available on a web site and sent by e-mail alerts.
Your team secures and protects your networks based on Vigil@nce information and tools.

your environment

  • a database describing more than 20000 vulnerabilities and their 35000 solutions
  • a web space where each user defines his preferences
  • alert and synthesis e-mails, to inform your teams
  • a customized tracking of your software and systems
  • a diary to plan solutions to install, and to monitor the security process of each computer
  • a manager view, and customized reports

your benefits

  • a customized watch on computer vulnerabilities and their solutions
  • an experienced team at your service for more than 14 years
  • a tool to monitor the security process of your networks and computers
  • a CVE compatible solution
  • a time saving for your team which concentrates on important tasks



















Copyright 1999-2014 Vigil@nce. Vigil@nce is a service from Orange Business Services. Site map. Legal notice. Version française