Comparison Overview

Grounds For Sculpture

VS

No Longer Empty

Grounds For Sculpture

80 Sculptors Way, Hamilton, New Jersey, 08619, US
Last Update: 2025-12-03
View Profile
Between 750 and 799
https://www.groundsforsculpture.org

Grounds For Sculpture is a 42-acre sculpture park and museum located in Hamilton, NJ on the former site of the New Jersey State Fairgrounds. Founded in 1992 by John Seward Johnson II, the venue was intended to be dedicated to promoting an understanding of and appreciation for contemporary sculpture by organizing exhibitions and offering a variety of educational programs and special community events.

NAICS: 712
NAICS Definition: Museums, Historical Sites, and Similar Institutions
Employees: 111
Subsidiaries: 0
12-month incidents
0
Known data breaches
0
Attack type number
0
View Profile

No Longer Empty

122 West 27th Street, New York, NY, 10001, US
Last Update: 2025-12-01
Between 750 and 799
http://www.nolongerempty.org

No Longer Empty curates site-responsive exhibitions, education and public programs in unconventional locations around New York City. We create artistic platforms for collaboration and dialogue around social, cultural and political issues. Our exhibitions and educational programs amplify existing community networks and cultural resources. No Longer Empty’s exhibitions, education and public programs are free and accessible to everyone. At the heart of our model is community engagement. A synthesis of local interviews and historical research drives the curatorial process. In turn, emergent narratives and the architecture of the site provide artists with new opportunities to expand their practices through commissioned work. We work with a diverse group of residents, curators and artists in the co-creation of all aspects of our programming. Our work foregrounds art as a catalyst for community-led conversations about place; local identities; and visions for the future.

NAICS: 712
NAICS Definition:
Employees: 17
Subsidiaries: 0
12-month incidents
0
Known data breaches
0
Attack type number
0

Compliance Badges Comparison

Security & Compliance Standards Overview

https://images.rankiteo.com/companyimages/grounds-for-sculpture.jpeg
Grounds For Sculpture
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
https://images.rankiteo.com/companyimages/no-longer-empty.jpeg
No Longer Empty
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
Compliance Summary
Grounds For Sculpture
100%
Compliance Rate
0/4 Standards Verified
No Longer Empty
0%
Compliance Rate
0/4 Standards Verified

Benchmark & Cyber Underwriting Signals

Incidents vs Museums, Historical Sites, and Zoos Industry Average (This Year)

No incidents recorded for Grounds For Sculpture in 2025.

Incidents vs Museums, Historical Sites, and Zoos Industry Average (This Year)

No incidents recorded for No Longer Empty in 2025.

Incident History — Grounds For Sculpture (X = Date, Y = Severity)

Grounds For Sculpture cyber incidents detection timeline including parent company and subsidiaries

Incident History — No Longer Empty (X = Date, Y = Severity)

No Longer Empty cyber incidents detection timeline including parent company and subsidiaries

Notable Incidents

Last 3 Security & Risk Events by Company

https://images.rankiteo.com/companyimages/grounds-for-sculpture.jpeg
Grounds For Sculpture
Incidents

No Incident

https://images.rankiteo.com/companyimages/no-longer-empty.jpeg
No Longer Empty
Incidents

No Incident

FAQ

Grounds For Sculpture company demonstrates a stronger AI Cybersecurity Score compared to No Longer Empty company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

Historically, No Longer Empty company has disclosed a higher number of cyber incidents compared to Grounds For Sculpture company.

In the current year, No Longer Empty company and Grounds For Sculpture company have not reported any cyber incidents.

Neither No Longer Empty company nor Grounds For Sculpture company has reported experiencing a ransomware attack publicly.

Neither No Longer Empty company nor Grounds For Sculpture company has reported experiencing a data breach publicly.

Neither No Longer Empty company nor Grounds For Sculpture company has reported experiencing targeted cyberattacks publicly.

Neither Grounds For Sculpture company nor No Longer Empty company has reported experiencing or disclosing vulnerabilities publicly.

Neither Grounds For Sculpture nor No Longer Empty holds any compliance certifications.

Neither company holds any compliance certifications.

Neither Grounds For Sculpture company nor No Longer Empty company has publicly disclosed detailed information about the number of their subsidiaries.

Grounds For Sculpture company employs more people globally than No Longer Empty company, reflecting its scale as a Museums, Historical Sites, and Zoos.

Neither Grounds For Sculpture nor No Longer Empty holds SOC 2 Type 1 certification.

Neither Grounds For Sculpture nor No Longer Empty holds SOC 2 Type 2 certification.

Neither Grounds For Sculpture nor No Longer Empty holds ISO 27001 certification.

Neither Grounds For Sculpture nor No Longer Empty holds PCI DSS certification.

Neither Grounds For Sculpture nor No Longer Empty holds HIPAA certification.

Neither Grounds For Sculpture nor No Longer Empty holds GDPR certification.

Latest Global CVEs (Not Company-Specific)

Description

vLLM is an inference and serving engine for large language models (LLMs). Prior to 0.11.1, vllm has a critical remote code execution vector in a config class named Nemotron_Nano_VL_Config. When vllm loads a model config that contains an auto_map entry, the config class resolves that mapping with get_class_from_dynamic_module(...) and immediately instantiates the returned class. This fetches and executes Python from the remote repository referenced in the auto_map string. Crucially, this happens even when the caller explicitly sets trust_remote_code=False in vllm.transformers_utils.config.get_config. In practice, an attacker can publish a benign-looking frontend repo whose config.json points via auto_map to a separate malicious backend repo; loading the frontend will silently run the backend’s code on the victim host. This vulnerability is fixed in 0.11.1.

Published
Date
2025-12-01
Updated
Date
2025-12-01
Risk Information
cvss3
Base: 7.1
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
References
Description

fastify-reply-from is a Fastify plugin to forward the current HTTP request to another server. Prior to 12.5.0, by crafting a malicious URL, an attacker could access routes that are not allowed, even though the reply.from is defined for specific routes in @fastify/reply-from. This vulnerability is fixed in 12.5.0.

Published
Date
2025-12-01
Updated
Date
2025-12-01
Risk Information
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 21.0.2, 20.3.15, and 19.2.17, A Stored Cross-Site Scripting (XSS) vulnerability has been identified in the Angular Template Compiler. It occurs because the compiler's internal security schema is incomplete, allowing attackers to bypass Angular's built-in security sanitization. Specifically, the schema fails to classify certain URL-holding attributes (e.g., those that could contain javascript: URLs) as requiring strict URL security, enabling the injection of malicious scripts. This vulnerability is fixed in 21.0.2, 20.3.15, and 19.2.17.

Published
Date
2025-12-01
Updated
Date
2025-12-01
Risk Information
cvss4
Base: 8.5
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

Gin-vue-admin is a backstage management system based on vue and gin. In 2.8.6 and earlier, attackers can delete any file on the server at will, causing damage or unavailability of server resources. Attackers can control the 'FileMd5' parameter to delete any file and folder.

Published
Date
2025-12-01
Updated
Date
2025-12-01
Risk Information
cvss4
Base: 8.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

Portkey.ai Gateway is a blazing fast AI Gateway with integrated guardrails. Prior to 1.14.0, the gateway determined the destination baseURL by prioritizing the value in the x-portkey-custom-host request header. The proxy route then appends the client-specified path to perform an external fetch. This can be maliciously used by users for SSRF attacks. This vulnerability is fixed in 1.14.0.

Published
Date
2025-12-01
Updated
Date
2025-12-01
Risk Information
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References