Since 1999, the Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security fixes, a database and tools to remediate them.
Each user customizes the list of software to track. As soon as Vigil@nce publishes an alert for one of his software, the user receives a vigilance bulletin, containing a simple explanation of the threat, its patches and workarounds.
The administrator then uses the online Vigil@nce diary in order to plan and track the security process.


Our offer Request your free trial

Computer vulnerabilities bulletins published by Vigil@nce

Public vulnerabilities
Node.js elliptic: information disclosure via Secp256k1 Implementation
Node.js botframework-connector: privilege escalation via Improper Authentication
FortiGate: data transit via Transparent Proxy Malformed HTTP/S Traffic
OSSEC: denial of service via _ReadElem
Linux kernel: read-write access via iscsi_if_recv_msg
Linux kernel: read-write access via iSCSI show_transport_handle
IBM API Connect: Man-in-the-Middle via Database Replication
IBM API Connect: spoofing via Registration Invitation Link
Ceph: privilege escalation via JSON Web Token
MuPDF: use after free via Linearization
libcaca: buffer overflow via caca_resize
Python: code execution via _xxsubinterpreters
OS-autoinst: denial of service via SIGCHLD Signal
FreeRADIUS: bad logging via Global Logrotate Change
Asterisk: denial of service via T.38 Zero Port
Node.js jose: information disclosure via Observable Timing Discrepancy
Snort: denial of service via Ethernet Frame Decoder
Xen, Linux: denial of service via Map Foreign Pages
Xen, Linux: denial of service via Netback Grant Mapping Errors
Zabbix: Cross Site Request Forgery via CControllerAuthenticationUpdate
Recent vulnerabilities
Sophos Endpoint Protection on MacOS: privilege escalation
Node.js underscore: code execution via template
Node.js json: code execution via parseLookup
Node.js grunt: code execution via YAML
Node.js bestzip: command execution via options
Wind River VxWorks: information disclosure via IKE
Linux kernel: memory corruption via KVM
Linux kernel: buffer overflow via dm-ioctl.c
WordPress Business Directory Plugin: multiple vulnerabilities
IBM Tivoli Storage Manager: buffer overflow via dsmadmc
DjVuLibre: buffer overflow via DjVuDocument-get_djvu_file
ESRI ArcGIS for Server: Cross Site Scripting
Apache Tomcat: code execution via Enabled AJP Connector
Python urllib http client: denial of service via an HTTP response with status 100
GNOME Autoar: file overwrite
Cisco AnyConnect Secure Mobility Client: corruption of VPN settings
Cisco Content Security Management Appliance, Email Security Appliance, Web Security Appliance: information disclosure via AsyncOS
Cisco SD-WAN vEdge: file corruption via CLI
Cisco SD-WAN vEdge: privilege escalation via CLI
Cisco Content Security Management Appliance: privilege escalation
Severities: 1 = low, 2 = medium, 3 = important, 4 = critical.

Daily activities

  • Vulnerabilities are discovered daily and published on thousands of internet information sources.
  • Vigil@nce announces these vulnerabilities and how to protect your system. This information is customized according to your environment, it is available on a web site and sent by e-mail alerts.
  • Your teams secure and protect your networks based on Vigil@nce information and tools.

Your environment

  • A database describing more than 30000 vulnerabilities and their 70000 solutions.
  • A web space where each user defines his vigilance preferences.
  • Alert and synthesis e-mails, to inform your teams.
  • A customized tracking of your software and systems.
  • A diary to plan solutions to install, and to monitor the security process of each computer.

Your benefits

  • A customized watch on computer vulnerabilities and their solutions.
  • An experienced team at your service for more than 22 years.
  • A tool to monitor the security process of your networks and computers.
  • A CVE compatible solution.
  • A time saving for your team which concentrates on important tasks.