Comparison Overview

Q: Between IBGE company and Nav company, which one has the best AI Cybersecurity Score ?

Nav company demonstrates a stronger AI Cybersecurity Score compared to IBGE company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

Q: Between IBGE company and Nav company, which one has experienced more cyber incidents in the past ?

Historically, Nav company has disclosed a higher number of cyber incidents compared to IBGE company.

Q: Between IBGE company and Nav company, which one has experienced more cyber incidents this year ?

In the current year, Nav company and IBGE company have not reported any cyber incidents.

Q: Between IBGE company and Nav company, which one has experienced at least one ransomware attack ?

Neither Nav company nor IBGE company has reported experiencing a ransomware attack publicly.

Q: Between IBGE company and Nav company, which one has experienced at least one data breach ?

Neither Nav company nor IBGE company has reported experiencing a data breach publicly.

Q: Between IBGE company and Nav company, which one has experienced at least one targeted cyberattack ?

Neither Nav company nor IBGE company has reported experiencing targeted cyberattacks publicly.

Q: Between IBGE company and Nav company, which one has experienced at least one vulnerability ?

Neither IBGE company nor Nav company has reported experiencing or disclosing vulnerabilities publicly.

Q: Between IBGE company and Nav company, which one holds the most compliance certifications ?

Neither IBGE nor Nav holds any compliance certifications.

Q: Between IBGE company and Nav company, which one has the most subsidiaries ?

Nav company has more subsidiaries worldwide compared to IBGE company.

IBGE

Av. Franklin Roosevelt, 166, Rio de Janeiro, 20021-120, BR

Last Update: 2025-12-02

View Profile

Between 750 and 799

http://www.ibge.gov.br

The Brazilian Institute of Geography and Statistics or IBGE (Portuguese: Instituto Brasileiro de Geografia e Estatística), is the agency responsible for statistical, geographic, cartographic, geodetic and environmental information in Brazil. The IBGE performs a national census every ten years, and the questionnaires account for information such as age, household income, literacy, education, occupation and hygiene levels. IBGE is an institution of the Federal Government, constituted a public foundation by Decree Law No. 161 of February 13, 1967, and is bound to the Brazilian Department of Planning, Budget and Management. It has four directors and two other central organs. IBGE has a network of national research and dissemination components, comprising: 27 state units (26 in state capitals and one in the Federal District); 27 centres for documentation and dissemination of information (26 in the capital and one in the Federal District); 581 data collection agencies in major cities. The IBGE also maintains the Roncador Ecological Reserve, situated 35 km south of Brasília.

NAICS: 92

NAICS Definition: Public Administration

Employees: 12,990

Subsidiaries: 0

12-month incidents

0

Known data breaches

0

Attack type number

0

View Profile

Nav

Fyrstikkalléen 1, Oslo, undefined, 0661, NO

Last Update: 2025-12-01

Between 750 and 799

https://www.nav.no

Nav er en viktig del av sikkerhetsnettet i velferdsstaten. Vi skal bidra til at flere kommer i arbeid og færre går på stønad, og samtidig sørge for at de som trenger det er sikra inntekt og økonomisk trygghet gjennom rett pengestøtte til rett tid. For å løse dette samfunnsoppdraget forvalter Nav om lag en tredel av statsbudsjettet, gjennom ordninger som arbeidsrettede tiltak, dagpenger, arbeidsavklaringspenger, sykepenger, pensjon, økonomisk sosialhjelp, foreldrepenger, barnetrygd og kontantstøtte. Nav tilbyr tjenester, ytelser og stønader til både privatpersoner og arbeidsgivere. For å sikre helhetlige tjenester, samarbeider vi tett med arbeidslivet, kommune-, helse- og utdanningssektoren, andre statlige virksomheter og frivillige aktører.

NAICS: 92

NAICS Definition: Public Administration

Employees: 12,618

Subsidiaries: 4

12-month incidents

0

Known data breaches

0

Attack type number

0

IBGE

—

ISO 27001

Not verified

—

SOC2 Type 1

Not verified

—

SOC2 Type 2

Not verified

—

GDPR

Not verified

—

PCI DSS

Not verified

—

HIPAA

Not verified

https://images.rankiteo.com/companyimages/nav.jpeg

Nav

—

ISO 27001

Not verified

—

SOC2 Type 1

Not verified

—

SOC2 Type 2

Not verified

—

GDPR

Not verified

—

PCI DSS

Not verified

—

HIPAA

Not verified

Incidents vs Government Administration Industry Average (This Year)

No incidents recorded for IBGE in 2025.

Incidents vs Government Administration Industry Average (This Year)

No incidents recorded for Nav in 2025.

Incident History — IBGE (X = Date, Y = Severity)

IBGE cyber incidents detection timeline including parent company and subsidiaries

Incident History — Nav (X = Date, Y = Severity)

Nav cyber incidents detection timeline including parent company and subsidiaries

IBGE

Incidents

No Incident

Nav

Incidents

No Incident

Nav company demonstrates a stronger AI Cybersecurity Score compared to IBGE company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

Historically, Nav company has disclosed a higher number of cyber incidents compared to IBGE company.

In the current year, Nav company and IBGE company have not reported any cyber incidents.

Neither Nav company nor IBGE company has reported experiencing a ransomware attack publicly.

Neither Nav company nor IBGE company has reported experiencing a data breach publicly.

Neither Nav company nor IBGE company has reported experiencing targeted cyberattacks publicly.

Neither IBGE company nor Nav company has reported experiencing or disclosing vulnerabilities publicly.

Neither IBGE nor Nav holds any compliance certifications.

Neither company holds any compliance certifications.

Nav company has more subsidiaries worldwide compared to IBGE company.

IBGE company employs more people globally than Nav company, reflecting its scale as a Government Administration.

Neither IBGE nor Nav holds SOC 2 Type 1 certification.

Neither IBGE nor Nav holds SOC 2 Type 2 certification.

Neither IBGE nor Nav holds ISO 27001 certification.

Neither IBGE nor Nav holds PCI DSS certification.

Neither IBGE nor Nav holds HIPAA certification.

Neither IBGE nor Nav holds GDPR certification.

Description

MCP Server Kubernetes is an MCP Server that can connect to a Kubernetes cluster and manage it. Prior to 2.9.8, there is a security issue exists in the exec_in_pod tool of the mcp-server-kubernetes MCP Server. The tool accepts user-provided commands in both array and string formats. When a string format is provided, it is passed directly to shell interpretation (sh -c) without input validation, allowing shell metacharacters to be interpreted. This vulnerability can be exploited through direct command injection or indirect prompt injection attacks, where AI agents may execute commands without explicit user intent. This vulnerability is fixed in 2.9.8.

Published

Date

2025-12-03

Updated

Date

2025-12-03

Risk Information

cvss3

Base: 6.4

Severity: HIGH

CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H

References

Description

XML external entity (XXE) injection in eyoucms v1.7.1 allows remote attackers to cause a denial of service via crafted body of a POST request.

Published

Date

2025-12-03

Updated

Date

2025-12-03

References

https://github.com/weng-xianhu/eyoucms/issues/66

Description

An issue was discovered in Fanvil x210 V2 2.12.20 allowing unauthenticated attackers on the local network to access administrative functions of the device (e.g. file upload, firmware update, reboot...) via a crafted authentication bypass.

Published

Date

2025-12-03

Updated

Date

2025-12-03

References

Description

Cal.com is open-source scheduling software. Prior to 5.9.8, A flaw in the login credentials provider allows an attacker to bypass password verification when a TOTP code is provided, potentially gaining unauthorized access to user accounts. This issue exists due to problematic conditional logic in the authentication flow. This vulnerability is fixed in 5.9.8.

Published

Date

2025-12-03

Updated

Date

2025-12-03

Risk Information

cvss4

Base: 9.9

Severity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

References

https://github.com/calcom/cal.com/security/advisories/GHSA-9r3w-4j8q-pw98

Description

Rhino is an open-source implementation of JavaScript written entirely in Java. Prior to 1.8.1, 1.7.15.1, and 1.7.14.1, when an application passed an attacker controlled float poing number into the toFixed() function, it might lead to high CPU consumption and a potential Denial of Service. Small numbers go through this call stack: NativeNumber.numTo > DToA.JS_dtostr > DToA.JS_dtoa > DToA.pow5mult where pow5mult attempts to raise 5 to a ridiculous power. This vulnerability is fixed in 1.8.1, 1.7.15.1, and 1.7.14.1.

Published

Date

2025-12-03

Updated

Date

2025-12-03

Risk Information

cvss4

Base: 5.5

Severity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

References

https://github.com/mozilla/rhino/security/advisories/GHSA-3w8q-xq97-5j7x

Badge your company to reduce your risk score and your cyber insurance costs!

Comparison Overview

IBGE

VS

Nav

IBGE

Nav

Compliance Badges Comparison

Benchmark & Cyber Underwriting Signals

Incidents vs Government Administration Industry Average (This Year)

Incidents vs Government Administration Industry Average (This Year)

Incident History — IBGE (X = Date, Y = Severity)

Incident History — Nav (X = Date, Y = Severity)

Notable Incidents

No Incident

No Incident

FAQ

Latest Global CVEs (Not Company-Specific)

CVE-2025-66404

Risk Information

CVE-2025-65868

CVE-2025-64055

CVE-2025-66489

Risk Information

CVE-2025-66453

Risk Information

Badge your company to reduce your risk score and your cyber insurance costs!

Comparison Overview

IBGE

VS

Nav

IBGE

Nav

Compliance Badges Comparison

Benchmark & Cyber Underwriting Signals

Incidents vs Government Administration Industry Average (This Year)

Incidents vs Government Administration Industry Average (This Year)

Incident History — IBGE (X = Date, Y = Severity)

Incident History — Nav (X = Date, Y = Severity)

Notable Incidents

No Incident

No Incident

FAQ

Between IBGE company and Nav company, which one has the best AI Cybersecurity Score ?

Between IBGE company and Nav company, which one has experienced more cyber incidents in the past ?

Between IBGE company and Nav company, which one has experienced more cyber incidents this year ?

Between IBGE company and Nav company, which one has experienced at least one ransomware attack ?

Between IBGE company and Nav company, which one has experienced at least one data breach ?

Between IBGE company and Nav company, which one has experienced at least one targeted cyberattack ?

Between IBGE company and Nav company, which one has experienced at least one vulnerability ?

Between IBGE company and Nav company, which one holds the most compliance certifications ?

Between IBGE company and Nav company, which one holds the fewest compliance certifications ?

Between IBGE company and Nav company, which one has the most subsidiaries ?

Between IBGE company and Nav company, which one has the largest number of employees ?

Between IBGE and Nav, which company holds both SOC 2 Type 1 certifications ?

Between IBGE and Nav, which company holds both SOC 2 Type 2 certifications ?

Which company is ISO 27001 certified — IBGE or Nav ?

Which company is PCI DSS compliant — IBGE or Nav ?

Between IBGE and Nav, which company complies with HIPAA regulations for healthcare data ?

Between IBGE and Nav, which company complies with GDPR requirements ?

Latest Global CVEs (Not Company-Specific)

CVE-2025-66404

Risk Information

CVE-2025-65868

CVE-2025-64055

CVE-2025-66489

Risk Information

CVE-2025-66453

Risk Information