Orange Business Services
Vigil@nce Vigil@nce Vigil@nce
analyzing computer vulnerabilities since 1999
 home presentation vulnerabilities documentation contact  
subscriber area subscriber area
free access free access

The Vigil@nce team watches vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Each user customizes the list of software to track.

As soon as Vigil@nce publishes an alert for one of his software, the user receives a bulletin, containing an helpful explanation of the threat, its patches and workarounds.

The administrator then uses the online Vigil@nce diary in order to plan and track the security process.

Our offer...
public vulnerabilities
3 Cisco IOS XR: denial of service via NetFlow
An attacker can send IPv4 or IPv6 ill formed packets to NetFlow of Cisco IOS XR, in order to trigger a denial of service...
3 Apache httpd: NULL pointer dereference via mod_cache
An attacker can dereference a NULL pointer in mod_cache of Apache httpd, in order to trigger a denial of service...
1 OpenBSD: denial of service via unaligned memory access
A local attacker can used an OpenBSD program using unaligned addresses, in order to trigger a denial of service...
2 OpenSSH: access to /proc via SFTP
An authenticated attacker can read the /proc/self/maps file via SFTP of OpenSSH, in order to obtain sensitive information, or he can also write in the /proc/self/mem file to alter the memory content...
3 NSS: multiple vulnerabilities
An attacker can use several vulnerabilities of NSS...
3 WordPress Gallery Objects: SQL injection
An attacker can use a SQL injection of WordPress Gallery Objects, in order to read or alter data...
2 Cisco ASA: denial of service via SSL VPN and SharePoint
An attacker can use SharePoint via the SSL VPN of Cisco ASA, in order to trigger a denial of service...
2 Magento Enterprise Edition: CSV file upload
A privileged attacker can upload a malicious PHP.CSV file on Magento Enterprise Edition, in order to execute code...
2 Cisco IOS XR: bypassing ACL via compression
An attacker can bypass ACLs of Cisco IOS XR which use ranges, in order to access to a service which should be filtered...
2 WordPress BulletProof Security: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress BulletProof Security, in order to execute JavaScript code in the context of the web site...
   recent vulnerabilities
2 VMware vSphere Data Protection: information disclosure via Java
An attacker can use the Java API of Vmware vSphere Data Protection, in order to obtain sensitive information...
2 Apple QuickTime: multiple vulnerabilities
An attacker can use several vulnerabilities of Apple QuickTime...
3 Mulesoft Mule ESB: code execution
An attacker can inject Java code into Mulesoft Mule ESB, in order to, for instance, raise his privileges...
2 Drupal Document: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Drupal Document, in order to execute JavaScript code in the context of the web site...
2 Drupal Ubercart: Cross Site Scripting of administration links
An attacker can trigger a Cross Site Scripting in some administration links of Drupal Ubercart, in order to execute JavaScript code in the context of the web site...
2 Drupal Bad Behavior: getting secrets from log files
A local attacker can get user names and passwords from the log files of Drupal Bad Behavior...
3 TYPO3: multiple vulnerabilities
An attacker can use several vulnerabilities of TYPO3...
1 phpMyAdmin: Cross Site Scripting of debug and monitor functions
An attacker can trigger a Cross Site Scripting in DatabaseInterface.class.php and server_status_monitor.js of phpMyAdmin, in order to execute JavaScript code in the context of the web site...
1 Linux kernel: denial of service via KVM
An attacker can open the control device /dev/kvm while a guest system uses the privileged register CR4, in order to trigger a denial of service...
2 FreeBSD: memory leak via the directory cache with Capsicum
An attacker can create a memory leak in the directory cache of FreeBSD, in order to trigger a denial of service...


Vulnerabilities are discovered daily and published on thousands of internet information sources.
Vigil@nce describes these vulnerabilities and how to protect your system. This information is customized according to your environment, it is available on a web site and sent by e-mail alerts.
Your team secures and protects your networks based on Vigil@nce information and tools.

your environment

  • a database describing more than 20000 vulnerabilities and their 35000 solutions
  • a web space where each user defines his preferences
  • alert and synthesis e-mails, to inform your teams
  • a customized tracking of your software and systems
  • a diary to plan solutions to install, and to monitor the security process of each computer
  • a manager view, and customized reports

your benefits

  • a customized watch on computer vulnerabilities and their solutions
  • an experienced team at your service for more than 14 years
  • a tool to monitor the security process of your networks and computers
  • a CVE compatible solution
  • a time saving for your team which concentrates on important tasks



















Copyright 1999-2014 Vigil@nce. Vigil@nce is a service from Orange Business Services. Site map. Legal notice. Version française