NPAV Logo

Shopping Cart My Cart 0
₹0.00
Currency
INR
Currency
INR

vulnerability

  1. Spring Framework and Security Vulnerabilities Allow Authorization Bypass in Generic Types

    Spring Framework and Security Vulnerabilities Allow Authorization Bypass in Generic Types

    Posted: September 16, 2025
    Categories: Security, vulnerability
    Tags: fp-3b, fp-3a, fp-1b
    Author: Npav Lab
    Views: 23
    Two medium-severity vulnerabilities in Spring Framework and Spring Security enable authorization bypass via flawed annotation detection on generic superclasses. Upgrade to fixed versions immediately to secure your applications.
    Read more
  2. Apple iOS 26 and iPadOS 26 Security Update Fixes 27 Vulnerabilities Including WebKit and Kernel Flaws

    Apple iOS 26 and iPadOS 26 Security Update Fixes 27 Vulnerabilities Including WebKit and Kernel Flaws

    Posted: September 16, 2025
    Categories: Updates, vulnerability
    Tags: fp-5a, fp-2e, fp-2b, fp-1a
    Author: Npav Lab
    Views: 39
    Apple’s latest iOS 26 and iPadOS 26 update patches 27 security vulnerabilities across key components like WebKit, Kernel, and Apple Neural Engine. Users are urged to update immediately to protect against crashes, data exposure, and privacy risks.
    Read more
  3. Ivanti September 2025 Security Updates Fix 13 Critical Vulnerabilities

    Ivanti September 2025 Security Updates Fix 13 Critical Vulnerabilities

    Posted: September 12, 2025
    Categories: Updates, vulnerability
    Tags: fp-5a, fp-1b
    Author: Npav Lab
    Views: 81
    Ivanti’s September 2025 security bulletin addresses 13 vulnerabilities in Endpoint Manager, Connect Secure, Policy Secure, ZTA Gateways, and Neurons for Secure Access. No known exploitation reported.
    Read more
  4. Critical Vulnerability in Dassault Systèmes DELMIA Apriso Risks Remote Code Execution

    Critical Vulnerability in Dassault Systèmes DELMIA Apriso Risks Remote Code Execution

    Posted: September 12, 2025
    Categories: vulnerability
    Tags: fp-5b, fp-5a, fp-1b
    Author: Npav Lab
    Views: 27
    A deserialization of untrusted data vulnerability in Dassault Systèmes DELMIA Apriso could allow remote code execution. Learn recommended actions to protect your systems.
    Read more
  5. Cursor AI Code Editor RCE Vulnerability Enables Automatic Execution of Malicious Code

    Cursor AI Code Editor RCE Vulnerability Enables Automatic Execution of Malicious Code

    Posted: September 11, 2025
    Categories: vulnerability, AI
    Tags: fp-3b, fp-3a, fp-1a
    Author: Npav Lab
    Views: 35
    A remote code execution flaw in Cursor AI Code Editor allows malicious code to run automatically when opening a project. Learn how disabling Workspace Trust exposes developers and how to protect your environment.
    Read more
  6. Microsoft September 2025 Patch Tuesday Fixes 81 Vulnerabilities Including Two Zero-Days

    Microsoft September 2025 Patch Tuesday Fixes 81 Vulnerabilities Including Two Zero-Days

    Posted: September 11, 2025
    Categories: vulnerability, Microsoft
    Tags: fp-6a, fp-5a, fp-4a, fp-1a
    Author: Npav Lab
    Views: 29
    Microsoft’s September 2025 Patch Tuesday addresses 81 security flaws, including two publicly disclosed zero-day vulnerabilities in SMB Server and Microsoft SQL Server. Learn about critical updates and other vendor patches.
    Read more
  7. Critical Progress OpenEdge AdminServer Vulnerability CVE-2025-7388 Allows Remote Code Execution

    Critical Progress OpenEdge AdminServer Vulnerability CVE-2025-7388 Allows Remote Code Execution

    Posted: September 09, 2025
    Categories: vulnerability
    Tags: fp-6e, fp-6d, fp-6c, fp-6b
    Author: Npav Lab
    Views: 46
    A severe remote code execution vulnerability in Progress OpenEdge AdminServer’s Java RMI interface (CVE-2025-7388) lets attackers execute commands with elevated privileges. Update to LTS versions 12.2.18 or 12.8.9 immediately.
    Read more
  8. Critical pgAdmin4 Vulnerability CVE-2025-9636 Allows Unauthorized Account Access

    Critical pgAdmin4 Vulnerability CVE-2025-9636 Allows Unauthorized Account Access

    Posted: September 08, 2025
    Categories: vulnerability
    Tags: fp-3b, fp-3a, fp-1b
    Author: Npav Lab
    Views: 38
    A high-severity COOP vulnerability in pgAdmin4 (up to version 9.7) enables attackers to bypass authentication and hijack accounts. Update to version 9.8 immediately to protect your PostgreSQL environment.
    Read more
  9. Android Runtime Use-After-Free Vulnerability Risks Chrome Sandbox Escape and Privilege Escalation

    Android Runtime Use-After-Free Vulnerability Risks Chrome Sandbox Escape and Privilege Escalation

    Posted: September 05, 2025
    Categories: Android Security, vulnerability
    Tags: fp-2c, fp-1b
    Author: Npav Lab
    Views: 28
    A use-after-free flaw in Android Runtime may allow Chrome sandbox escape and local privilege escalation. Learn about mitigation steps and security recommendations to protect your device.
    Read more
  10. Meta Platforms WhatsApp Incorrect Authorization Vulnerability Risks User Security

    Meta Platforms WhatsApp Incorrect Authorization Vulnerability Risks User Security

    Posted: September 04, 2025
    Categories: vulnerability, WhatsApp
    Tags: fp-2c, fp-2b, fp-1b
    Author: Npav Lab
    Views: 34
    Learn about the incorrect authorization vulnerability in Meta Platforms WhatsApp that allows unauthorized processing of content from arbitrary URLs. Discover mitigation steps and security recommendations.
    Read more
Page
Categories
Recent Posts
Cybersecurity alert: India's digital growth fuels cybercrime; boost awareness to prevent fraud and losses.
India's Cybercrime Explosion: 22.68 Lakh Cases in 2024, ₹22,845 Crore Lost
December 04, 2025
Map of seven Indian airports impacted by cyberattacks: Delhi, Mumbai, Kolkata, Hyderabad, and Bengaluru, showing GPS spoofing locations.
Cyberattack Hits Seven Indian Airports: GPS Spoofing Confirmed, No Flights Disrupted
December 02, 2025
Comparison of fake phishing domain rnicrosoft.com mimicking real Microsoft.com to steal logins via typosquatting.
Phishing Scam Alert: Hackers Swap 'm' for 'rn' to Fake Microsoft and Steal Your Logins
November 25, 2025
Scam alert infographic: Hotel booking with fake staff icon, arrows to QR code payments; protective shields for verification, with "Verify Directly" warning banner over a travel scene.
KTMS warns of hotel scams in Kerala—learn the tactics and tips to avoid losing money to impersonators.
November 17, 2025
Phishing alert infographic: Invoice email with VBS attachment, arrows to XWorm stealing data; protective shields for filtering and training, with "Verify Emails" warning banner over an inbox.
Fake Invoices Spread XWorm: Hackers Steal Login Data
November 17, 2025
Back to Top