Since 1999, the Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security fixes, a database and tools to remediate them.
Each user customizes the list of software to track.
As soon as Vigil@nce publishes an alert for one of his software, the user receives a bulletin, containing a simple explanation of the threat, its patches and workarounds.
The administrator then uses the online Vigil@nce diary in order to plan and track the security process.


Our offer Request your free trial

Computer vulnerabilities bulletins published by Vigil@nce

Public vulnerabilities
phpMyAdmin: SQL injection via Designer Database Name
Linux kernel: buffer overflow via libertas lbs_ibss_join_existing
Linux kernel: buffer overflow via libertas add_ie_rates
Linux kernel: buffer overflow via mwifiex_process_country_ie
Vtiger CRM: privilege escalation via Profile Edition Role ID
Shibboleth Service Provider: privilege escalation via Specfile Commands
OpenEXR: memory leak via ThreadPool
Hunspell: out-of-bounds memory reading via SuggestMgr-leftcommonsubstring
Asterisk: denial of service via T.38 SDP Re-invite
Asterisk: privilege escalation via AMI Originate Request
Node.js Angular: privilege escalation via Prototype Pollution
Jenkins Plugins: multiple vulnerabilities
Cisco SD-WAN Solution: Cross Site Request Forgery via vManage
Cisco Unity Express: privilege escalation via CLI
Cisco IOS XR: privilege escalation via NETCONF Over SSH
Cisco Email Security Appliance: privilege escalation via URL Filtering Bypass
Cisco Email Security Appliance: privilege escalation via MP3 Content Filter Bypass
Cisco Unified Communications Manager: SQL injection via Web-based Management Interface
Node.js handlebars: two vulnerabilities
FortiOS: Man-in-the-Middle via FortiGuard Services Communication Hard-coded Cryptographic Key
Recent vulnerabilities
Cisco Unified Communications Manager: Cross Site Request Forgery via Web-based Management Interface
Cisco IOS XE SD-WAN: privilege escalation via Default Credentials
Cisco ESA: denial of service via Zip Decompression
Cisco ESA: privilege escalation via Content Filter Bypass
Cisco ESA: Cross Site Scripting via Web-based Management Interface
Cisco WSA, SMA: read-write access via HTTP Header Injection
Cisco SD-WAN vManage: SQL injection via Web Interface
Cisco SD-WAN vManage: SQL injection via Web Interface
Cisco SD-WAN vManage: privilege escalation via CLI
Cisco SD-WAN vManage: code execution via Command Injection
Cisco IOS XR: denial of service via BGP EVPN Operational Routes
Cisco IOS XR: multiple vulnerabilities via BGP EVPN
Cisco IOS XR: denial of service via IS-IS SNMP
Cisco IOS XR: denial of service via BGP Update Attribute
Cisco Unified Communications Manager: information disclosure via Web-based Management Interface
Mitel 6970: code execution via Port Configuration Power On
Forcepoint Web Security: Cross Site Scripting via Host Header
libxml2: infinite loop via xmlStringLenDecodeEntities
libxml2: memory leak via xmlSchemaValidateStream
ReportLab: code execution via toColor eval
Severities: 1 = low, 2 = medium, 3 = important, 4 = critical.

Daily activities

  • Vulnerabilities are discovered daily and published on thousands of internet information sources.
  • Vigil@nce announces these vulnerabilities and how to protect your system. This information is customized according to your environment, it is available on a web site and sent by e-mail alerts.
  • Your teams secure and protect your networks based on Vigil@nce information and tools.

Your environment

  • A database describing more than 30000 vulnerabilities and their 70000 solutions.
  • A web space where each user defines his preferences.
  • Alert and synthesis e-mails, to inform your teams.
  • A customized tracking of your software and systems.
  • A diary to plan solutions to install, and to monitor the security process of each computer.

Your benefits

  • A customized watch on computer vulnerabilities and their solutions.
  • An experienced team at your service for more than 21 years.
  • A tool to monitor the security process of your networks and computers.
  • A CVE compatible solution.
  • A time saving for your team which concentrates on important tasks.