Since 1999, the Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security fixes, a database and tools to remediate them.
Each user customizes the list of software to track. As soon as Vigil@nce publishes an alert for one of his software, the user receives a vigilance bulletin, containing a simple explanation of the threat, its patches and workarounds.
The administrator then uses the online Vigil@nce diary in order to plan and track the security process.


Our offer Request your free trial

Computer vulnerabilities bulletins published by Vigil@nce

Public vulnerabilities
GNOME GLib: information disclosure via GSocketClient Direct Connect
Node.js Yarn: file corruption via Package Install
Docker docker-credential-secretservice: use after free
TigerVNC: multiple vulnerabilities
libyang: buffer overflow via make_canonical
F5 BIG-IP: information disclosure via Multi-bladed vCMP Fragmentation Attack
F5 BIG-IP: denial of service via Virtual Edition Virtio Direct Descriptors
F5 BIG-IP: denial of service via FastL4 Loose Initiation
F5 BIG-IP LTM: denial of service via MRF Diameter 32K Connections
F5 BIG-IP: read-write access via SCP Blacklist
F5 BIG-IP APM: information disclosure via STP Pass Through VLAN-tagged Frames
F5 BIG-IP: privilege escalation via iRules
F5 BIG-IP: information disclosure via UCS Backup File Secret
OTRS Help Desk: unexpired session via SessionMaxIdleTime Ignored
SUSE wicked: memory leak via DHCP4 FSM Other Client IDs
F5 BIG-IP APM: privilege escalation via Edge Client for Windows
systemd: memory leak via button_open
Node.js nextcloud-vue-collections: Cross Site Scripting
F5 BIG-IP DNS: information disclosure via TSIG Key Secret
F5 BIG-IP ASM: privilege escalation via Cloud Security Services X.509 Certificate
Recent vulnerabilities
Dell EMC Avamar Server: open redirect
Linux kernel: memory corruption via AArch64 Brk Top Byte
NetworkManager VPN plugin for SSH: privilege escalation
Linux kernel: privilege escalation via KVM Nested VMX
Python: overload via Lib/zipfile.py
Chrome: three vulnerabilities
Sophos Endpoint Protection: vulnerability via ZIP Archive Bypass
Centreon Web: privilege escalation via Blank contact_autologin_key
Centreon Web: information disclosure via URL Session ID
OpenSMTPD: code execution via Multi-line Response
IBM QRadar Advisor With Watson App for IBM QRadar SIEM: information disclosure via HTTP Requests
IBM QRadar Advisor With Watson App for IBM QRadar SIEM: information disclosure via Weak Cryptographic Algorithms
Intel Processors: information disclosure via Cleanup Errors
Apache Tomcat: code execution via Enabled AJP Connector
Apache Tomcat: information disclosure via Reverse Proxy Transfer-Encoding End-of-line HTTP Request Smuggling
Apache Tomcat: information disclosure via Reverse Proxy Transfer-Encoding Header HTTP Request Smuggling
Go: denial of service via Malformed Certificate
SQLite: denial of service via isAuxiliaryVtabOperator
Cacti: code execution via Graph Real-time Privilege
Google Chrome: three vulnerabilities
Severities: 1 = low, 2 = medium, 3 = important, 4 = critical.

Daily activities

  • Vulnerabilities are discovered daily and published on thousands of internet information sources.
  • Vigil@nce announces these vulnerabilities and how to protect your system. This information is customized according to your environment, it is available on a web site and sent by e-mail alerts.
  • Your teams secure and protect your networks based on Vigil@nce information and tools.

Your environment

  • A database describing more than 30000 vulnerabilities and their 70000 solutions.
  • A web space where each user defines his vigilance preferences.
  • Alert and synthesis e-mails, to inform your teams.
  • A customized tracking of your software and systems.
  • A diary to plan solutions to install, and to monitor the security process of each computer.

Your benefits

  • A customized watch on computer vulnerabilities and their solutions.
  • An experienced team at your service for more than 21 years.
  • A tool to monitor the security process of your networks and computers.
  • A CVE compatible solution.
  • A time saving for your team which concentrates on important tasks.