Comparison Overview

Q: Between HD Supply company and METRO/MAKRO company, which one has the best AI Cybersecurity Score ?

METRO/MAKRO company demonstrates a stronger AI Cybersecurity Score compared to HD Supply company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

Q: Between HD Supply company and METRO/MAKRO company, which one has experienced more cyber incidents in the past ?

METRO/MAKRO company has historically faced a number of disclosed cyber incidents, whereas HD Supply company has not reported any.

Q: Between HD Supply company and METRO/MAKRO company, which one has experienced more cyber incidents this year ?

In the current year, METRO/MAKRO company and HD Supply company have not reported any cyber incidents.

Q: Between HD Supply company and METRO/MAKRO company, which one has experienced at least one ransomware attack ?

Neither METRO/MAKRO company nor HD Supply company has reported experiencing a ransomware attack publicly.

Q: Between HD Supply company and METRO/MAKRO company, which one has experienced at least one data breach ?

Neither METRO/MAKRO company nor HD Supply company has reported experiencing a data breach publicly.

Q: Between HD Supply company and METRO/MAKRO company, which one has experienced at least one targeted cyberattack ?

METRO/MAKRO company has reported targeted cyberattacks, while HD Supply company has not reported such incidents publicly.

Q: Between HD Supply company and METRO/MAKRO company, which one has experienced at least one vulnerability ?

Neither HD Supply company nor METRO/MAKRO company has reported experiencing or disclosing vulnerabilities publicly.

Q: Between HD Supply company and METRO/MAKRO company, which one holds the most compliance certifications ?

Neither HD Supply nor METRO/MAKRO holds any compliance certifications.

Q: Between HD Supply company and METRO/MAKRO company, which one has the most subsidiaries ?

METRO/MAKRO company has more subsidiaries worldwide compared to HD Supply company.

HD Supply

3400 Cumberland Blvd SE, Atlanta, Georgia, US, 30339

Last Update: 2025-12-25

View Profile

Between 750 and 799

http://www.hdsupply.com

HD Supply, a wholly owned subsidiary of The Home Depot, is a leading wholesale distribution company serving customers and their communities across the Multifamily, Institutional, Hospitality, Trades, Government Housing, Healthcare, Building Services and Education industries through an expansive network of over 100 distribution centers across the U.S. & Canada. We offer our customers a vast assortment of over 100,000 MRO, full-line janitorial and OS&E products from high-quality, national and private brands, all at competitive prices. Combined with our industry-leading services and solutions – including localized jobsite delivery, renovation programs, direct-ship options and innovative digital tools and capabilities, as well as dedicated sales and customer care teams – you can see why our more than 250,000 customers continue to trust HD Supply as their supplier of choice for serving their communities where people live, learn, work and play. Equally as important is empowering our associates to grow professionally while providing competitive benefits and compensation. If you're ready to find a rewarding career and achieve your full potential with a growing industry leader, HD Supply is ready for you!

NAICS: 42

NAICS Definition: Wholesale Trade

Employees: 10,827

Subsidiaries: 1

12-month incidents

0

Known data breaches

0

Attack type number

0

View Profile

METRO/MAKRO

Metro-Str. 1, Duesseldorf, undefined, 40235, DE

Last Update: 2025-12-25

Between 750 and 799

https://careers.metroag.de

METRO is a leading international wholesale company with food and non-food assortments that specialises in serving the needs of hotels, restaurants and caterers (HoReCa) as well as independent traders. Around the world, METRO has 15 million customers who can choose whether to shop in one of the large-format stores, order online and collect their purchases at the store or have them delivered. METRO also supports the competitiveness of entrepreneurs and independent businesses with digital solutions and thereby contributes to cultural diversity in trade and the hospitality industry. The company operates in more than 30 countries and employs more than 85,000 people worldwide. In financial year 2022/23, METRO generated a group revenue of €31 billion. More information: https://careers.metroag.de Imprint: https://careers.metroag.de/imprint Data Privacy: https://careers.metroag.de/privacy-policy

NAICS: 424

NAICS Definition:

Employees: 26,312

Subsidiaries: 22

12-month incidents

0

Known data breaches

0

Attack type number

1

HD Supply

—

ISO 27001

Not verified

—

SOC2 Type 1

Not verified

—

SOC2 Type 2

Not verified

—

GDPR

Not verified

—

PCI DSS

Not verified

—

HIPAA

Not verified

METRO/MAKRO

—

ISO 27001

Not verified

—

SOC2 Type 1

Not verified

—

SOC2 Type 2

Not verified

—

GDPR

Not verified

—

PCI DSS

Not verified

—

HIPAA

Not verified

Incidents vs Wholesale Industry Average (This Year)

No incidents recorded for HD Supply in 2025.

Incidents vs Wholesale Industry Average (This Year)

No incidents recorded for METRO/MAKRO in 2025.

Incident History — HD Supply (X = Date, Y = Severity)

HD Supply cyber incidents detection timeline including parent company and subsidiaries

Incident History — METRO/MAKRO (X = Date, Y = Severity)

METRO/MAKRO cyber incidents detection timeline including parent company and subsidiaries

HD Supply

Incidents

No Incident

METRO/MAKRO

Incidents

Date Detected: 10/2022

Type:Cyber Attack

Blog: Blog

METRO/MAKRO company demonstrates a stronger AI Cybersecurity Score compared to HD Supply company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

METRO/MAKRO company has historically faced a number of disclosed cyber incidents, whereas HD Supply company has not reported any.

In the current year, METRO/MAKRO company and HD Supply company have not reported any cyber incidents.

Neither METRO/MAKRO company nor HD Supply company has reported experiencing a ransomware attack publicly.

Neither METRO/MAKRO company nor HD Supply company has reported experiencing a data breach publicly.

METRO/MAKRO company has reported targeted cyberattacks, while HD Supply company has not reported such incidents publicly.

Neither HD Supply company nor METRO/MAKRO company has reported experiencing or disclosing vulnerabilities publicly.

Neither HD Supply nor METRO/MAKRO holds any compliance certifications.

Neither company holds any compliance certifications.

METRO/MAKRO company has more subsidiaries worldwide compared to HD Supply company.

METRO/MAKRO company employs more people globally than HD Supply company, reflecting its scale as a Wholesale.

Neither HD Supply nor METRO/MAKRO holds SOC 2 Type 1 certification.

Neither HD Supply nor METRO/MAKRO holds SOC 2 Type 2 certification.

Neither HD Supply nor METRO/MAKRO holds ISO 27001 certification.

Neither HD Supply nor METRO/MAKRO holds PCI DSS certification.

Neither HD Supply nor METRO/MAKRO holds HIPAA certification.

Neither HD Supply nor METRO/MAKRO holds GDPR certification.

Description

A vulnerability was found in Tenda WH450 1.0.0.18. Affected is an unknown function of the file /goform/PPTPUserSetting. Performing manipulation of the argument delno results in stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been made public and could be used.

Published

Date

2025-12-28

Updated

Date

2025-12-28

Risk Information

cvss2

Base: 8.3

Severity: LOW

AV:N/AC:L/Au:M/C:C/I:C/A:C

cvss3

Base: 7.2

Severity: LOW

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

cvss4

Base: 7.3

Severity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

References

Description

A vulnerability has been found in Tenda WH450 1.0.0.18. This impacts an unknown function of the file /goform/PPTPServer. Such manipulation of the argument ip1 leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Published

Date

2025-12-28

Updated

Date

2025-12-28

Risk Information

cvss2

Base: 8.3

Severity: LOW

AV:N/AC:L/Au:M/C:C/I:C/A:C

cvss3

Base: 7.2

Severity: LOW

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

cvss4

Base: 7.3

Severity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

References

Description

A flaw has been found in omec-project UPF up to 2.1.3-dev. This affects the function handleSessionEstablishmentRequest of the file /pfcpiface/pfcpiface/messages_session.go of the component PFCP Session Establishment Request Handler. This manipulation causes null pointer dereference. The attack may be initiated remotely. The exploit has been published and may be used. The project was informed of the problem early through an issue report but has not responded yet.

Published

Date

2025-12-28

Updated

Date

2025-12-28

Risk Information

cvss2

Base: 4.0

Severity: LOW

AV:N/AC:L/Au:S/C:N/I:N/A:P

cvss3

Base: 4.3

Severity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

cvss4

Base: 5.3

Severity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

References

Description

A vulnerability was detected in floooh sokol up to 16cbcc864012898793cd2bc57f802499a264ea40. The impacted element is the function _sg_pipeline_desc_defaults in the library sokol_gfx.h. The manipulation results in stack-based buffer overflow. The attack requires a local approach. The exploit is now public and may be used. This product does not use versioning. This is why information about affected and unaffected releases are unavailable. The patch is identified as 5d11344150973f15e16d3ec4ee7550a73fb995e0. It is advisable to implement a patch to correct this issue.

Published

Date

2025-12-28

Updated

Date

2025-12-28

Risk Information

cvss2

Base: 4.3

Severity: LOW

AV:L/AC:L/Au:S/C:P/I:P/A:P

cvss3

Base: 5.3

Severity: LOW

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

cvss4

Base: 4.8

Severity: LOW

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

References

Description

A security vulnerability has been detected in PbootCMS up to 3.2.12. The affected element is the function get_user_ip of the file core/function/handle.php of the component Header Handler. The manipulation of the argument X-Forwarded-For leads to use of less trusted source. The attack can be initiated remotely. The exploit has been disclosed publicly and may be used.

Published

Date

2025-12-28

Updated

Date

2025-12-28

Risk Information

cvss2

Base: 5.0

Severity: LOW

AV:N/AC:L/Au:N/C:N/I:P/A:N

cvss3

Base: 5.3

Severity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

cvss4

Base: 5.5

Severity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

References

Badge your company to reduce your risk score and your cyber insurance costs!

Comparison Overview

HD Supply

VS

METRO/MAKRO

HD Supply

METRO/MAKRO

Compliance Badges Comparison

Benchmark & Cyber Underwriting Signals

Incidents vs Wholesale Industry Average (This Year)

Incidents vs Wholesale Industry Average (This Year)

Incident History — HD Supply (X = Date, Y = Severity)

Incident History — METRO/MAKRO (X = Date, Y = Severity)

Notable Incidents

No Incident

FAQ

Latest Global CVEs (Not Company-Specific)

CVE-2025-15161

Risk Information

CVE-2025-15160

Risk Information

CVE-2025-15156

Risk Information

CVE-2025-15155

Risk Information

CVE-2025-15154

Risk Information

Badge your company to reduce your risk score and your cyber insurance costs!

Comparison Overview

HD Supply

VS

METRO/MAKRO

HD Supply

METRO/MAKRO

Compliance Badges Comparison

Benchmark & Cyber Underwriting Signals

Incidents vs Wholesale Industry Average (This Year)

Incidents vs Wholesale Industry Average (This Year)

Incident History — HD Supply (X = Date, Y = Severity)

Incident History — METRO/MAKRO (X = Date, Y = Severity)

Notable Incidents

No Incident

🔒 Incident : Cyber Attack MET1849291022

FAQ

Between HD Supply company and METRO/MAKRO company, which one has the best AI Cybersecurity Score ?

Between HD Supply company and METRO/MAKRO company, which one has experienced more cyber incidents in the past ?

Between HD Supply company and METRO/MAKRO company, which one has experienced more cyber incidents this year ?

Between HD Supply company and METRO/MAKRO company, which one has experienced at least one ransomware attack ?

Between HD Supply company and METRO/MAKRO company, which one has experienced at least one data breach ?

Between HD Supply company and METRO/MAKRO company, which one has experienced at least one targeted cyberattack ?

Between HD Supply company and METRO/MAKRO company, which one has experienced at least one vulnerability ?

Between HD Supply company and METRO/MAKRO company, which one holds the most compliance certifications ?

Between HD Supply company and METRO/MAKRO company, which one holds the fewest compliance certifications ?

Between HD Supply company and METRO/MAKRO company, which one has the most subsidiaries ?

Between HD Supply company and METRO/MAKRO company, which one has the largest number of employees ?

Between HD Supply and METRO/MAKRO, which company holds both SOC 2 Type 1 certifications ?

Between HD Supply and METRO/MAKRO, which company holds both SOC 2 Type 2 certifications ?

Which company is ISO 27001 certified — HD Supply or METRO/MAKRO ?

Which company is PCI DSS compliant — HD Supply or METRO/MAKRO ?

Between HD Supply and METRO/MAKRO, which company complies with HIPAA regulations for healthcare data ?

Between HD Supply and METRO/MAKRO, which company complies with GDPR requirements ?

Latest Global CVEs (Not Company-Specific)

CVE-2025-15161

Risk Information

CVE-2025-15160

Risk Information

CVE-2025-15156

Risk Information

CVE-2025-15155

Risk Information

CVE-2025-15154

Risk Information