Baidu Venture (BV) is an independent venture fund established by Baidu in 2017. BV's investors include Baidu as well as other leading financial institutions and businesses. BV currently manages roughly $700 million USD across 3 funds and has offices in Beijing and San Francisco.
At Virgin, we’re all about creating unique customer experiences, challenging the status quo and championing people and the planet. For five decades, in five business sectors and on five continents, our purpose is to change business for good. The home of Virgin is Virgin Management – supporting the Branson family and the growth of the Virgin brand by developing and nurturing valuable Virgin businesses around the world. Virgin Management works alongside all the different Virgin companies and their teams around the world. We have interests spanning travel & leisure, health & wellness, music & entertainment, telecoms & media, financial services and space. Each of those individual Virgin businesses has its own ways of working, but we are all united by a shared culture and purpose. Virgin Management also works alongside Virgin Unite, the non-profit foundation of the Virgin Group, and is home to Virgin Start Up, a not-for-profit organisation that delivers Start Up Loans, mentoring and other support to entrepreneurs in the UK.
Security & Compliance Standards Overview
Baidu Venture has 0.0% fewer incidents than the average of same-industry companies with at least one recorded incident.
No incidents recorded for Virgin in 2025.
Baidu Venture cyber incidents detection timeline including parent company and subsidiaries
Virgin cyber incidents detection timeline including parent company and subsidiaries
Improper Authorization (CWE-285) in Kibana can lead to privilege escalation (CAPEC-233) by allowing an authenticated user to bypass intended permission restrictions via a crafted HTTP request. This allows an attacker who lacks the live queries - read permission to successfully retrieve the list of live queries.
Weblate is a web based localization tool. In versions prior to 5.15.1, it was possible to overwrite Git configuration remotely and override some of its behavior. Version 5.15.1 fixes the issue.
Allocation of Resources Without Limits or Throttling (CWE-770) in Elasticsearch can allow an authenticated user with snapshot restore privileges to cause Excessive Allocation (CAPEC-130) of memory and a denial of service (DoS) via crafted HTTP request.
Allocation of Resources Without Limits or Throttling (CWE-770) in Kibana can allow a low-privileged authenticated user to cause Excessive Allocation (CAPEC-130) of computing resources and a denial of service (DoS) of the Kibana process via a crafted HTTP request.
Improper neutralization of input during web page generation ('Cross-site Scripting') (CWE-79) allows an unauthenticated user to embed a malicious script in content that will be served to web browsers causing cross-site scripting (XSS) (CAPEC-63) via a vulnerability a function handler in the Vega AST evaluator.
