Comparison Overview

Q: Between EXARC company and Bruns company, which one has the best AI Cybersecurity Score ?

Bruns company demonstrates a stronger AI Cybersecurity Score compared to EXARC company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

Q: Between EXARC company and Bruns company, which one has experienced more cyber incidents in the past ?

Historically, Bruns company has disclosed a higher number of cyber incidents compared to EXARC company.

Q: Between EXARC company and Bruns company, which one has experienced more cyber incidents this year ?

In the current year, Bruns company and EXARC company have not reported any cyber incidents.

Q: Between EXARC company and Bruns company, which one has experienced at least one ransomware attack ?

Neither Bruns company nor EXARC company has reported experiencing a ransomware attack publicly.

Q: Between EXARC company and Bruns company, which one has experienced at least one data breach ?

Neither Bruns company nor EXARC company has reported experiencing a data breach publicly.

Q: Between EXARC company and Bruns company, which one has experienced at least one targeted cyberattack ?

Neither Bruns company nor EXARC company has reported experiencing targeted cyberattacks publicly.

Q: Between EXARC company and Bruns company, which one has experienced at least one vulnerability ?

Neither EXARC company nor Bruns company has reported experiencing or disclosing vulnerabilities publicly.

Q: Between EXARC company and Bruns company, which one holds the most compliance certifications ?

Neither EXARC nor Bruns holds any compliance certifications.

Q: Between EXARC company and Bruns company, which one has the most subsidiaries ?

Neither EXARC company nor Bruns company has publicly disclosed detailed information about the number of their subsidiaries.

EXARC

Aloelaan 40A, Leiden, Zuid-Holland, 2316XT, NL

Last Update: 2025-12-01

View Profile

Between 750 and 799

https://exarc.net

EXARC is the international ICOM Affiliated organisation of Archaeological Open-Air Museums and Experimental Archaeology. It is our aim to establish a high standard of both scientific research and public presentation. The idea of international exchange of knowledge, human resources, publications and facsimiles is to improve the quality of work for all associated members.

NAICS: 712

NAICS Definition:

Employees: 15

Subsidiaries: 0

12-month incidents

0

Known data breaches

0

Attack type number

0

View Profile

Bruns

Rijksmonument De Ploeg, Riethovensedijk 20, Bergeijk, None, NL, 5571 CR

Last Update: 2025-12-01

Between 750 and 799

http://www.bruns.nl

Bruns will bring stories to life by developing and producing high-quality exhibitions and exhibits. We make (interactive) objects and we create indelible memories. The combination of curiosity, modern craftsmanship and technical creativity makes stories readable and perceptible. “ You can tell and read stories and experience them through Bruns” ‘Curiosity’ is what our team drives. We are eager to discover the unique identity, the core of the story behind every project, be it small or large. We believe that it will not really come to life until the visitor can touch it. Each day our team embarks on new journeys of discovery with the intention of transferring stories into experiences. Experiences that makes jaws drop. We will let the visitor step into the story and experience everything told. Bruns will have the story speak in every element, interaction and in the smallest detail.

NAICS: 712

NAICS Definition: Museums, Historical Sites, and Similar Institutions

Employees: 118

Subsidiaries: 0

12-month incidents

0

Known data breaches

0

Attack type number

0

EXARC

—

ISO 27001

Not verified

—

SOC2 Type 1

Not verified

—

SOC2 Type 2

Not verified

—

GDPR

Not verified

—

PCI DSS

Not verified

—

HIPAA

Not verified

Bruns

—

ISO 27001

Not verified

—

SOC2 Type 1

Not verified

—

SOC2 Type 2

Not verified

—

GDPR

Not verified

—

PCI DSS

Not verified

—

HIPAA

Not verified

Incidents vs Museums, Historical Sites, and Zoos Industry Average (This Year)

No incidents recorded for EXARC in 2025.

Incidents vs Museums, Historical Sites, and Zoos Industry Average (This Year)

No incidents recorded for Bruns in 2025.

Incident History — EXARC (X = Date, Y = Severity)

EXARC cyber incidents detection timeline including parent company and subsidiaries

Incident History — Bruns (X = Date, Y = Severity)

Bruns cyber incidents detection timeline including parent company and subsidiaries

EXARC

Incidents

No Incident

Bruns

Incidents

No Incident

Bruns company demonstrates a stronger AI Cybersecurity Score compared to EXARC company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

Historically, Bruns company has disclosed a higher number of cyber incidents compared to EXARC company.

In the current year, Bruns company and EXARC company have not reported any cyber incidents.

Neither Bruns company nor EXARC company has reported experiencing a ransomware attack publicly.

Neither Bruns company nor EXARC company has reported experiencing a data breach publicly.

Neither Bruns company nor EXARC company has reported experiencing targeted cyberattacks publicly.

Neither EXARC company nor Bruns company has reported experiencing or disclosing vulnerabilities publicly.

Neither EXARC nor Bruns holds any compliance certifications.

Neither company holds any compliance certifications.

Neither EXARC company nor Bruns company has publicly disclosed detailed information about the number of their subsidiaries.

Bruns company employs more people globally than EXARC company, reflecting its scale as a Museums, Historical Sites, and Zoos.

Neither EXARC nor Bruns holds SOC 2 Type 1 certification.

Neither EXARC nor Bruns holds SOC 2 Type 2 certification.

Neither EXARC nor Bruns holds ISO 27001 certification.

Neither EXARC nor Bruns holds PCI DSS certification.

Neither EXARC nor Bruns holds HIPAA certification.

Neither EXARC nor Bruns holds GDPR certification.

Description

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-9 and 6.9.13-34, there is a vulnerability in ImageMagick’s Magick++ layer that manifests when Options::fontFamily is invoked with an empty string. Clearing a font family calls RelinquishMagickMemory on _drawInfo->font, freeing the font string but leaving _drawInfo->font pointing to freed memory while _drawInfo->family is set to that (now-invalid) pointer. Any later cleanup or reuse of _drawInfo->font re-frees or dereferences dangling memory. DestroyDrawInfo and other setters (Options::font, Image::font) assume _drawInfo->font remains valid, so destruction or subsequent updates trigger crashes or heap corruption. This vulnerability is fixed in 7.1.2-9 and 6.9.13-34.

Published

Date

2025-12-02

Updated

Date

2025-12-02

Risk Information

cvss3

Base: 4.9

Severity: HIGH

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

References

Description

FeehiCMS version 2.1.1 has a Remote Code Execution via Unrestricted File Upload in Ad Management. FeehiCMS version 2.1.1 allows authenticated remote attackers to upload files that the server later executes (or stores in an executable location) without sufficient validation, sanitization, or execution restrictions. An authenticated remote attacker can upload a crafted PHP file and cause the application or web server to execute it, resulting in remote code execution (RCE).

Published

Date

2025-12-02

Updated

Date

2025-12-02

Risk Information

cvss3

Base: 6.5

Severity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

References

Description

PHPGurukul Billing System 1.0 is vulnerable to SQL Injection in the admin/index.php endpoint. Specifically, the username parameter accepts unvalidated user input, which is then concatenated directly into a backend SQL query.

Published

Date

2025-12-02

Updated

Date

2025-12-02

Risk Information

cvss3

Base: 6.5

Severity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

References

Description

NMIS/BioDose software V22.02 and previous versions contain executable binaries with plain text hard-coded passwords. These hard-coded passwords could allow unauthorized access to both the application and database.

Published

Date

2025-12-02

Updated

Date

2025-12-02

Risk Information

cvss3

Base: 7.3

Severity: LOW

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L

cvss4

Base: 8.4

Severity: LOW

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

References

https://www.cisa.gov/news-events/ics-medical-advisories/icsma-25-336-01

Description

NMIS/BioDose V22.02 and previous versions' installation directory paths by default have insecure file permissions, which in certain deployment scenarios can enable users on client workstations to modify the program executables and libraries.

Published

Date

2025-12-02

Updated

Date

2025-12-02

Risk Information

cvss3

Base: 8.0

Severity: LOW

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H

cvss4

Base: 7.1

Severity: LOW

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

References

https://www.cisa.gov/news-events/ics-medical-advisories/icsma-25-336-01

Badge your company to reduce your risk score and your cyber insurance costs!

Comparison Overview

EXARC

VS

Bruns

EXARC

Bruns

Compliance Badges Comparison

Benchmark & Cyber Underwriting Signals

Incidents vs Museums, Historical Sites, and Zoos Industry Average (This Year)

Incidents vs Museums, Historical Sites, and Zoos Industry Average (This Year)

Incident History — EXARC (X = Date, Y = Severity)

Incident History — Bruns (X = Date, Y = Severity)

Notable Incidents

No Incident

No Incident

FAQ

Latest Global CVEs (Not Company-Specific)

CVE-2025-65955

Risk Information

CVE-2025-65657

Risk Information

CVE-2025-65380

Risk Information

CVE-2025-64778

Risk Information

CVE-2025-64642

Risk Information

Badge your company to reduce your risk score and your cyber insurance costs!

Comparison Overview

EXARC

VS

Bruns

EXARC

Bruns

Compliance Badges Comparison

Benchmark & Cyber Underwriting Signals

Incidents vs Museums, Historical Sites, and Zoos Industry Average (This Year)

Incidents vs Museums, Historical Sites, and Zoos Industry Average (This Year)

Incident History — EXARC (X = Date, Y = Severity)

Incident History — Bruns (X = Date, Y = Severity)

Notable Incidents

No Incident

No Incident

FAQ

Between EXARC company and Bruns company, which one has the best AI Cybersecurity Score ?

Between EXARC company and Bruns company, which one has experienced more cyber incidents in the past ?

Between EXARC company and Bruns company, which one has experienced more cyber incidents this year ?

Between EXARC company and Bruns company, which one has experienced at least one ransomware attack ?

Between EXARC company and Bruns company, which one has experienced at least one data breach ?

Between EXARC company and Bruns company, which one has experienced at least one targeted cyberattack ?

Between EXARC company and Bruns company, which one has experienced at least one vulnerability ?

Between EXARC company and Bruns company, which one holds the most compliance certifications ?

Between EXARC company and Bruns company, which one holds the fewest compliance certifications ?

Between EXARC company and Bruns company, which one has the most subsidiaries ?

Between EXARC company and Bruns company, which one has the largest number of employees ?

Between EXARC and Bruns, which company holds both SOC 2 Type 1 certifications ?

Between EXARC and Bruns, which company holds both SOC 2 Type 2 certifications ?

Which company is ISO 27001 certified — EXARC or Bruns ?

Which company is PCI DSS compliant — EXARC or Bruns ?

Between EXARC and Bruns, which company complies with HIPAA regulations for healthcare data ?

Between EXARC and Bruns, which company complies with GDPR requirements ?

Latest Global CVEs (Not Company-Specific)

CVE-2025-65955

Risk Information

CVE-2025-65657

Risk Information

CVE-2025-65380

Risk Information

CVE-2025-64778

Risk Information

CVE-2025-64642

Risk Information