Since 1999, the Vigil@nce team has been watching public vulnerabilities impacting your computers, and offers security fixes, a database and tools to remediate them.
Each user customizes the list of software to track. As soon as Vigil@nce publishes an alert for one of their software products, the user receives a vigilance bulletin containing a simple explanation of the threat, its patches and workarounds.
The administrator then uses the online Vigil@nce diary in order to plan and track the security process.



Computer vulnerabilities bulletins published by Vigil@nce

Public vulnerabilities

Linux kernel: NULL pointer dereference via sco_sock_getsockopt
Linux kernel: use after free via IB/hfi1
OpenJPEG: integer overflow via opj_t1_encode_cblks
Node.js urijs: spoofing via URL Backslashes
PHP: spoofing via Url User Information
FasterXML Jackson Databind: code execution via dbcp.cpdsadapter.DriverAdapterCPDS
FasterXML Jackson Databind: code execution via org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool
FasterXML Jackson Databind: code execution via org.apache.tomcat.dbcp.dbcp2.datasources
FasterXML Jackson Databind: code execution via org.apache.tomcat.dbcp.dbcp.datasources
FasterXML Jackson Databind: code execution via com.newrelic.agent
EM-HTTP-Request: Man-in-the-Middle
binutils: buffer overflow via bfd_pef_parse_function_stub
gorilla/websocket: denial of service
ImageMagick: denial of service via MagickCore/gem.c
WavPack: integer overflow via WavpackPackSamples
Node.js angular.js: Cross Site Scripting
Linux kernel: denial of service via KRETPROBES
Cairo: memory corruption via composite_boxes
ImageMagick: code execution via Authenticate Option Command Injection
Node.js Axios: information disclosure via Server-Side Request Forgery

Recent vulnerabilities

Synology DSM: code execution via Download Station
Synology DSM: information disclosure via Media Server
Zstandard: read-write access via Transient Default Permissions
Zstandard: read-write access via Default Permissions
GNOME Glib: integer overflow via g_bytes_new
GNOME Glib: integer overflow via g_byte_array_new_take
OpenBSD: out-of-bounds memory reading via npppd
libebml: buffer overflow via EbmlString-ReadData
Apple iOS/macOS: memory corruption via WebKit
ClusterLabs crmsh: vulnerability
Google protobuf: integer overflow via Serialization
Node.js elliptic: information disclosure via Secp256k1 Implementation
Node.js botframework-connector: privilege escalation via Improper Authentication
QEMU: privilege escalation via Virtiofsd Xattrmap Option
FortiGate: data transit via Transparent Proxy Malformed HTTP/S Traffic
OSSEC: denial of service via _ReadElem
Linux kernel: information disclosure via iscsi_host_get_param
Linux kernel: read-write access via iscsi_if_recv_msg
Linux kernel: read-write access via iSCSI show_transport_handle
IBM API Connect: Man-in-the-Middle via Database Replication

Severities: 1 = low, 2 = medium, 3 = important, 4 = critical.

Daily activities

  • Vulnerabilities are discovered daily and published on thousands of internet information sources.
  • Vigil@nce announces these vulnerabilities and how to protect your system. This information is customized according to your environment; it is available on a web site and sent by e-mail alerts.
  • Your teams secure and protect your networks based on Vigil@nce information and tools.

Your environment

  • A database describing more than 30000 vulnerabilities and their 70000 solutions.
  • A web space where each user defines their vigilance preferences.
  • Alert and synthesis e-mails, to inform your teams.
  • A customized tracking of your software and systems.
  • A diary to plan solutions to install, and to monitor the security process of each computer.

Your benefits

  • A customized watch on computer vulnerabilities and their solutions.
  • An experienced team at your service for more than 22 years.
  • A tool to monitor the security process of your networks and computers.
  • A CVE compatible solution.
  • Time saved for your team, which can concentrate on important tasks.