Comparison Overview

Allegheny Millwork

VS

Tekfen Construction

Allegheny Millwork

104 Commerce Blvd, Lawrence , PA, 15055, US
Last Update: 2025-03-05 (UTC)
Between 900 and 1000
http://www.alleghenymillwork.com

Excellent

For nearly 40 years, Allegheny Millwork has earned a national reputation as a leader in the custom millwork industry, by distinguishing ourselves through: •The size and production capacity of our facilities •The consistently high quality of our work •Our focus on communication, customer service and on-schedule completion of projects. •Our ability to integrate specialty materials into our millwork packages •A professional staff, expert in the use of professional tools and controls •Our high bonding capacity •Our company history. •An extensive resume of successful projects and satisfied customers. •FSC Certification •AWI Certification Allegheny Millwork has not only invested heavily over the years in state of the art technology to improve efficiencies, but we have also invested heavily into the training of our craftsman in order to preserve the true art of woodworking.

NAICS: 23
NAICS Definition: Construction
Employees: 108
Subsidiaries: 1
12-month incidents
0
Known data breaches
0
Attack type number
0

Tekfen Construction

Kültür Mahallesi, Tekfen Sitesi Budak Sokak, A Blok, No:7 Ulus - Beşiktaş 34340 İstanbul, Türkiye, Beşiktaş, Ulus - Beşiktaş 34340, TR Istanbul, 34340, TR
Last Update: 2025-05-06 (UTC)

Excellent

Between 900 and 1000
http://www.tekfenconstruction.com

Tekfen Contracting Group is one of the two most prominent groups of Tekfen Holding, with its more than 17 thousand employees, nearly 2 billion USD of active portfolio and over 330 projects undertaken successfully to date. The Group is considered as one of the biggest institutions in Turkey, in terms of value of its completed projects, and owns one of the largest construction machinery and equipment inventories in the country. Tekfen Contracting Group, whose origin goes back to 1956, is considered as one of the leading contractors of its region today, and is active in all aspects of contracting business including feasibility, engineering, construction, assembly, maintenance, project control, management and counseling.

NAICS: 23
NAICS Definition: Construction
Employees: 10,001+
Subsidiaries: 0
12-month incidents
0
Known data breaches
0
Attack type number
0

Compliance Badges Comparison

Security & Compliance Standards Overview

https://images.rankiteo.com/companyimages/allegheny-millwork.jpeg
Allegheny Millwork
ISO 27001
Not verified
SOC 2
Not verified
GDPR
No public badge
PCI DSS
No public badge
https://images.rankiteo.com/companyimages/tekfen-construction.jpeg
Tekfen Construction
ISO 27001
Not verified
SOC 2
Not verified
GDPR
No public badge
PCI DSS
No public badge
Compliance Summary
Allegheny Millwork
100%
Compliance Rate
0/4 Standards Verified
Tekfen Construction
0%
Compliance Rate
0/4 Standards Verified

Benchmark & Cyber Underwriting Signals

Incidents vs Construction Industry Average (This Year)

No incidents recorded for Allegheny Millwork in 2025.

Incidents vs Construction Industry Average (This Year)

No incidents recorded for Tekfen Construction in 2025.

Incident History — Allegheny Millwork (X = Date, Y = Severity)

Allegheny Millwork cyber incidents detection timeline including parent company and subsidiaries

Incident History — Tekfen Construction (X = Date, Y = Severity)

Tekfen Construction cyber incidents detection timeline including parent company and subsidiaries

Notable Incidents

Last 3 Security & Risk Events by Company

https://images.rankiteo.com/companyimages/allegheny-millwork.jpeg
Allegheny Millwork
Incidents

No Incident

https://images.rankiteo.com/companyimages/tekfen-construction.jpeg
Tekfen Construction
Incidents

No Incident

FAQ

Both Allegheny Millwork company and Tekfen Construction company demonstrate a comparable AI risk posture, with strong governance and monitoring frameworks in place.

Historically, Tekfen Construction company has disclosed a higher number of cyber incidents compared to Allegheny Millwork company.

In the current year, Tekfen Construction company and Allegheny Millwork company have not reported any cyber incidents.

Neither Tekfen Construction company nor Allegheny Millwork company has reported experiencing a ransomware attack publicly.

Neither Tekfen Construction company nor Allegheny Millwork company has reported experiencing a data breach publicly.

Neither Tekfen Construction company nor Allegheny Millwork company has reported experiencing targeted cyberattacks publicly.

Neither Allegheny Millwork company nor Tekfen Construction company has reported experiencing or disclosing vulnerabilities publicly.

Allegheny Millwork company has more subsidiaries worldwide compared to Tekfen Construction company.

Allegheny Millwork company employs more people globally than Tekfen Construction company, reflecting its scale as a Construction.

Latest Global CVEs (Not Company-Specific)

Description

Multiple stored cross-site scripting (XSS) vulnerabilities in Liferay Portal 7.4.3.15 through 7.4.3.111, and Liferay DXP 2023.Q4.0 through 2023.Q4.5, 2023.Q3.1 through 2023.Q3.8, and 7.4 update 15 through update 92 allow remote attackers to inject arbitrary web script or HTML via crafted payload injected into a Terms and Condition's Name text field to (1) Payment Terms, or (2) the Delivery Term on the view order page.

Published
Date
2025-10-07
Updated
Date
2025-10-07
Risk Information
cvss4
Base: 4.8
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

A security flaw has been discovered in PHPGurukul Beauty Parlour Management System 1.1. This affects an unknown part of the file /admin/invoices.php. Performing manipulation of the argument delid results in sql injection. The attack can be initiated remotely. The exploit has been released to the public and may be exploited.

Published
Date
2025-10-07
Updated
Date
2025-10-07
Risk Information
cvss2
Base: 7.5
Severity: LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
cvss3
Base: 7.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

A vulnerability was identified in PHPGurukul Beauty Parlour Management System 1.1. Affected by this issue is some unknown functionality of the file /admin/customer-list.php. Such manipulation of the argument delid leads to sql injection. It is possible to launch the attack remotely. The exploit is publicly available and might be used.

Published
Date
2025-10-07
Updated
Date
2025-10-07
Risk Information
cvss2
Base: 7.5
Severity: LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
cvss3
Base: 7.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

A vulnerability was determined in GNU Binutils 2.45. Affected by this vulnerability is the function get_link_hash_entry of the file bfd/elflink.c of the component Linker. This manipulation causes out-of-bounds read. The attack can only be executed locally. The exploit has been publicly disclosed and may be utilized. Upgrading to version 2.46 addresses this issue. Patch name: aeaaa9af6359c8e394ce9cf24911fec4f4d23703. It is advisable to upgrade the affected component.

Published
Date
2025-10-07
Updated
Date
2025-10-07
Risk Information
cvss2
Base: 1.7
Severity: LOW
AV:L/AC:L/Au:S/C:N/I:N/A:P
cvss3
Base: 3.3
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
cvss4
Base: 4.8
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

Cross-site scripting (XSS) vulnerability in the Commerce Search Result widget in Liferay Portal 7.4.0 through 7.4.3.111, and Liferay DXP 2023.Q4 before patch 6, 2023.Q3 before patch 9, and 7.4 GA through update 92 allows remote attackers to inject arbitrary web script or HTML via a crafted payload injected into a Commerce Product's Name text field.

Published
Date
2025-10-07
Updated
Date
2025-10-07
Risk Information
cvss4
Base: 4.8
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References