Orange Business Services
Vigil@nce Vigil@nce Vigil@nce
analyzing computer vulnerabilities since 1999
 home presentation vulnerabilities documentation contact  
subscriber area subscriber area
free access free access

The Vigil@nce team watches vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Each user customizes the list of software to track.

As soon as Vigil@nce publishes an alert for one of his software, the user receives a bulletin, containing an helpful explanation of the threat, its patches and workarounds.

The administrator then uses the online Vigil@nce diary in order to plan and track the security process.

Our offer...
public vulnerabilities
1 Xen: memory leak via MMU_MACHPHYS_UPDATE
An attacker can create a memory leak in MMU_MACHPHYS_UPDATE of Xen, in order to trigger a denial of service...
2 Trend Micro InterScan Web Security: file reading via AdminUI
An attacker can read files via the administration Web application of Trend Micro InterScan Web Security, in order to obtain sensitive information...
2 Qt Creator: missing SSH public key validation
An attacker can intercept communications between Qt Creator and its controlled devices, in order to get the privileges of the authorized user...
1 IBM Tivoli Storage Manager: altering files via BACKUPINITIATION
A local attacker can alter backups of IBM Tivoli Storage Manager, in order to store a malicious program for example...
2 GNU binutils: creation or corruption of files by directory traversal
An attacker can create an AR archive, in order to create or change files outside the directory the archive is located in...
2 Drupal videowhisper: Cross Site Scripting of special_textscroller.php
An attacker can trigger a Cross Site Scripting in special_textscroller.php of Drupal videowhisper, in order to execute JavaScript code in the context of the web site...
1 Xen: NULL pointer dereference via MMU Update
An attacker can force a NULL pointer to be dereferenced in MMU Update of Xen, in order to trigger a denial of service...
2 Magento Enterprise Edition: Cross Site Scripting of some Flash programs
An attacker can trigger a Cross Site Scripting in some Flash files of Magento Enterprise Edition, in order to execute JavaScript code in the context of the web site...
1 Linux kernel: read-write access via fsuid
An attacker can bypass access restrictions via a namespace on the Linux kernel, in order to read or alter files...
2 Cisco Unity Connection: sensitive information leak in the log files of Unified Messaging Service
A local attacker can read log files of Unified Messaging Service of Cisco Unity Connection, in order to obtain sensitive information...
   recent vulnerabilities
2 FreeBSD, NetBSD, OpenBSD: memory leak via Net/2 TCP Timer
An attacker can create a memory leak in the IP stack of FreeBSD, NetBSD and OpenBSD, in order to trigger a denial of service...
2 WordPress WP-DB-Backup: database downloading
An attacker can download the backup of WordPress WP-DB-Backup, in order to obtain sensitive information...
2 LibreOffice: multiple vulnerabilities of RTF
An attacker can use several vulnerabilities of RTF of LibreOffice...
1 Qemu: unreachable memory reading via bits_per_pixel
An attacker can force a read at an invalid address in the bits_per_pixel() function of Qemu, in order to trigger a denial of service...
2 Qemu: memory corruption via vmware-vga
An attacker can generate a memory corruption in vmware_vga.c of Qemu, in order to trigger a denial of service, and possibly to execute code...
3 SIMATIC WinCC, PCS 7: two vulnerabilities
An attacker can use several vulnerabilities of SIMATIC WinCC, included in PCS 7...
2 Splunk Enterprise: Cross Site Scripting of Dashboard
An attacker can trigger a Cross Site Scripting in Dashboard of Splunk Enterprise, in order to execute JavaScript code in the context of the web site...
3 glibc: code execution via wordexp
An attacker can send special data to applications using the wordexp() function of the glibc, in order to execute code...
2 Asterisk: multiple vulnerabilities
An attacker can use several vulnerabilities of Asterisk...
2 WordPress SP Client Document Manager: SQL injection
An attacker can use a SQL injection of WordPress SP Client Document Manager, in order to read or alter data...


Vulnerabilities are discovered daily and published on thousands of internet information sources.
Vigil@nce describes these vulnerabilities and how to protect your system. This information is customized according to your environment, it is available on a web site and sent by e-mail alerts.
Your team secures and protects your networks based on Vigil@nce information and tools.

your environment

  • a database describing more than 20000 vulnerabilities and their 35000 solutions
  • a web space where each user defines his preferences
  • alert and synthesis e-mails, to inform your teams
  • a customized tracking of your software and systems
  • a diary to plan solutions to install, and to monitor the security process of each computer
  • a manager view, and customized reports

your benefits

  • a customized watch on computer vulnerabilities and their solutions
  • an experienced team at your service for more than 14 years
  • a tool to monitor the security process of your networks and computers
  • a CVE compatible solution
  • a time saving for your team which concentrates on important tasks



















Copyright 1999-2014 Vigil@nce. Vigil@nce is a service from Orange Business Services. Site map. Legal notice. Version française