Comparison Overview

Rochester Symphony

1530 Greenview Dr. SW, Suite 120, Rochester, MN 55902, US

Last Update: 2025-12-10

Between 750 and 799

http://www.rochestersymphony.org

Rochester Symphony Orchestra & Chorale serves the SE Minnesota region by bringing great music to life through orchestral and choral performance. The professional, per-service orchestra performs 5-8 concerts each season with a 90-voice auditioned chorale joining the orchestra twice each year. In addition to public performances, Rochester Symphony provides education programs for all ages.

NAICS: 711

NAICS Definition:

Employees: 24

Subsidiaries: 0

12-month incidents

0

Known data breaches

0

Attack type number

0

View Profile

SF Curran

445 Geary St, San Francisco, 94102, US

Last Update: 2025-12-11

Between 750 and 799

https://sfcurran.com/

Built in 1922, the Curran has housed some of the biggest productions in theater history and has maintained a reputation over the course of its life as one of the premier live entertainment venues in North America. Under the curation of eight-time Tony Award-winner Carole Shorenstein Hays, almost a century after it welcomed its first Bay Area audiences, the Curran has just completed a major restoration and renovation. Curran reopened our 1,600 seat venue in January 2017 with the groundbreaking musical FUN HOME. Since then, we've welcomed even more incredible productions, including ECLIPSED, TAYLOR MAC'S 24 DECADE project, SOFT POWER, DEAR EVAN HANSEN and THE JUNGLE. Next up inside our Curran is HARRY POTTER AND THE CURSED CHILD, which begins performances this fall. As our beloved theater undergoes yet another round of joyous renovations in order to accommodate HARRY POTTER AND THE CURSED CHILD's extended run, we are busy imagining unique programming all around San Francisco – complete with all the fun and adventure that the Curran name has come to represent. This is our way of making sure we continue to be a cultural hub for all of the Bay Area, even while our brick-and-mortar home is happily occupied by a certain boy wizard.

NAICS: 7111

NAICS Definition: Performing Arts Companies

Employees: None

Subsidiaries: 37

12-month incidents

0

Known data breaches

0

Attack type number

0

Rochester Symphony

—

ISO 27001

Not verified

—

SOC2 Type 1

Not verified

—

SOC2 Type 2

Not verified

—

GDPR

Not verified

—

PCI DSS

Not verified

—

HIPAA

Not verified

SF Curran

—

ISO 27001

Not verified

—

SOC2 Type 1

Not verified

—

SOC2 Type 2

Not verified

—

GDPR

Not verified

—

PCI DSS

Not verified

—

HIPAA

Not verified

Incidents vs Performing Arts Industry Average (This Year)

No incidents recorded for Rochester Symphony in 2025.

Incidents vs Performing Arts Industry Average (This Year)

No incidents recorded for SF Curran in 2025.

Incident History — Rochester Symphony (X = Date, Y = Severity)

Rochester Symphony cyber incidents detection timeline including parent company and subsidiaries

Incident History — SF Curran (X = Date, Y = Severity)

SF Curran cyber incidents detection timeline including parent company and subsidiaries

Rochester Symphony

Incidents

No Incident

SF Curran

Incidents

No Incident

SF Curran company demonstrates a stronger AI Cybersecurity Score compared to Rochester Symphony company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

Historically, SF Curran company has disclosed a higher number of cyber incidents compared to Rochester Symphony company.

In the current year, SF Curran company and Rochester Symphony company have not reported any cyber incidents.

Neither SF Curran company nor Rochester Symphony company has reported experiencing a ransomware attack publicly.

Neither SF Curran company nor Rochester Symphony company has reported experiencing a data breach publicly.

Neither SF Curran company nor Rochester Symphony company has reported experiencing targeted cyberattacks publicly.

Neither Rochester Symphony company nor SF Curran company has reported experiencing or disclosing vulnerabilities publicly.

Neither Rochester Symphony nor SF Curran holds any compliance certifications.

Neither company holds any compliance certifications.

SF Curran company has more subsidiaries worldwide compared to Rochester Symphony company.

Neither Rochester Symphony nor SF Curran holds SOC 2 Type 1 certification.

Neither Rochester Symphony nor SF Curran holds SOC 2 Type 2 certification.

Neither Rochester Symphony nor SF Curran holds ISO 27001 certification.

Neither Rochester Symphony nor SF Curran holds PCI DSS certification.

Neither Rochester Symphony nor SF Curran holds HIPAA certification.

Neither Rochester Symphony nor SF Curran holds GDPR certification.

Description

Hitachi Vantara Pentaho Data Integration and Analytics Community Dashboard Framework prior to versions 10.2.0.4, including 9.3.0.x and 8.3.x display the full server stack trace when encountering an error within the GetCdfResource servlet.

Published

Date

2025-12-15

Updated

Date

2025-12-15

Risk Information

cvss3

Base: 5.3

Severity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

References

https://support.pentaho.com/hc/en-us/articles/41833799577741--Resolved-Hitachi-Vantara-Pentaho-Business-Analytics-Server-Generation-of-Error-Message-Containing-Sensitive-Information-Versions-before-10-2-0-4-Impacted-CVE-2025-9122

Description

Pentaho Data Integration and Analytics Community Dashboard Editor plugin versions before 10.2.0.4, including 9.3.0.x and 8.3.x, deserialize untrusted JSON data without constraining the parser to approved classes and methods.

Published

Date

2025-12-15

Updated

Date

2025-12-15

Risk Information

cvss3

Base: 8.8

Severity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References

https://support.pentaho.com/hc/en-us/articles/41832536185613--Resolved-Hitachi-Vantara-Pentaho-Business-Analytics-Server-Deserialization-of-Untrusted-Data-Versions-before-10-2-0-4-Impacted-CVE-2025-9121

Description

A security flaw has been discovered in CTCMS Content Management System up to 2.1.2. The impacted element is an unknown function in the library /ctcms/libs/Ct_Config.php of the component Backend System Configuration Module. The manipulation of the argument Cj_Add/Cj_Edit results in code injection. The attack can be executed remotely. The exploit has been released to the public and may be exploited.

Published

Date

2025-12-15

Updated

Date

2025-12-15

Risk Information

cvss2

Base: 5.8

Severity: LOW

AV:N/AC:L/Au:M/C:P/I:P/A:P

cvss3

Base: 4.7

Severity: LOW

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L

cvss4

Base: 5.1

Severity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

References

Description

A vulnerability was identified in CTCMS Content Management System up to 2.1.2. The affected element is the function Save of the file /ctcms/libs/Ct_App.php of the component Backend App Configuration Module. The manipulation of the argument CT_App_Paytype leads to code injection. Remote exploitation of the attack is possible. The exploit is publicly available and might be used.

Published

Date

2025-12-15

Updated

Date

2025-12-15

Risk Information

cvss2

Base: 5.8

Severity: LOW

AV:N/AC:L/Au:M/C:P/I:P/A:P

cvss3

Base: 4.7

Severity: LOW

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L

cvss4

Base: 5.1

Severity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

References

Description

Weblate is a web based localization tool. In versions prior to 5.15, it was possible to accept an invitation opened by a different user. Version 5.15. contains a patch. As a workaround, avoid leaving one's Weblate sessions with an invitation opened unattended.

Published

Date

2025-12-15

Updated

Date

2025-12-15

Risk Information

cvss4

Base: 1.0

Severity: HIGH

CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

References

Badge your company to reduce your risk score and your cyber insurance costs!

Comparison Overview

Rochester Symphony

VS

SF Curran

Rochester Symphony

SF Curran

Compliance Badges Comparison

Benchmark & Cyber Underwriting Signals

Incidents vs Performing Arts Industry Average (This Year)

Incidents vs Performing Arts Industry Average (This Year)

Incident History — Rochester Symphony (X = Date, Y = Severity)

Incident History — SF Curran (X = Date, Y = Severity)

Notable Incidents

No Incident

No Incident

FAQ

Latest Global CVEs (Not Company-Specific)

CVE-2025-9122

Risk Information

CVE-2025-9121

Risk Information

CVE-2025-14730

Risk Information

CVE-2025-14729

Risk Information

CVE-2025-64725

Risk Information

Badge your company to reduce your risk score and your cyber insurance costs!

Comparison Overview

Rochester Symphony

VS

SF Curran

Rochester Symphony

SF Curran

Compliance Badges Comparison

Benchmark & Cyber Underwriting Signals

Incidents vs Performing Arts Industry Average (This Year)

Incidents vs Performing Arts Industry Average (This Year)

Incident History — Rochester Symphony (X = Date, Y = Severity)

Incident History — SF Curran (X = Date, Y = Severity)

Notable Incidents

No Incident

No Incident

FAQ

Between Rochester Symphony company and SF Curran company, which one has the best AI Cybersecurity Score ?

Between Rochester Symphony company and SF Curran company, which one has experienced more cyber incidents in the past ?

Between Rochester Symphony company and SF Curran company, which one has experienced more cyber incidents this year ?

Between Rochester Symphony company and SF Curran company, which one has experienced at least one ransomware attack ?

Between Rochester Symphony company and SF Curran company, which one has experienced at least one data breach ?

Between Rochester Symphony company and SF Curran company, which one has experienced at least one targeted cyberattack ?

Between Rochester Symphony company and SF Curran company, which one has experienced at least one vulnerability ?

Between Rochester Symphony company and SF Curran company, which one holds the most compliance certifications ?

Between Rochester Symphony company and SF Curran company, which one holds the fewest compliance certifications ?

Between Rochester Symphony company and SF Curran company, which one has the most subsidiaries ?

Between Rochester Symphony company and SF Curran company, which one has the largest number of employees ?

Between Rochester Symphony and SF Curran, which company holds both SOC 2 Type 1 certifications ?

Between Rochester Symphony and SF Curran, which company holds both SOC 2 Type 2 certifications ?

Which company is ISO 27001 certified — Rochester Symphony or SF Curran ?

Which company is PCI DSS compliant — Rochester Symphony or SF Curran ?

Between Rochester Symphony and SF Curran, which company complies with HIPAA regulations for healthcare data ?

Between Rochester Symphony and SF Curran, which company complies with GDPR requirements ?

Latest Global CVEs (Not Company-Specific)

CVE-2025-9122

Risk Information

CVE-2025-9121

Risk Information

CVE-2025-14730

Risk Information

CVE-2025-14729

Risk Information

CVE-2025-64725

Risk Information