Comparison Overview

Sherwood Lumber

VS

Builders FirstSource

Sherwood Lumber

225 Broadhollow Dr Suite 310W Melville, NY 11757, US
Last Update: 2025-05-03 (UTC)
Between 800 and 900
http://www.sherwoodlumber.com

Strong

Sherwood Lumber is a wholesaler of building materials. We provide customers with value added services, including just- in-time truckloads, mill direct shipment, forward pricing, risk management, technical support and superior handling from company operated facilities. Sherwood Lumber Corporation's family of associates are committed to being the company you prefer to do business with. Our commitment of superior service and quality with the utmost of integrity will gain the trust that is essential to a quality business relationship. We will achieve our goals through our continued appreciation and loyalty of our valued customers, suppliers, community and Sherwood Lumber associates. Our goal is to earn customer relationships by providing outstanding service and superior quality products. Sherwood Lumber only aligns itself with top quality, dependable producers. Our employees are committed, as a team, to exceeding customer expectations. We are committed, as individuals, to being respectful and protective of one another. All Sherwood Lumber associates offer suggestions, seek solutions and are quick to adapt to the ever changing business climate. We are responsive to the demands of our customers and strive to gain a solid understanding of their unique challenges. Sherwood Lumber will continue to meet and exceed the needs of our customers.

NAICS: 4233
NAICS Definition: Lumber and Other Construction Materials Merchant Wholesalers
Employees: 51-200
Subsidiaries: 0
12-month incidents
0
Known data breaches
0
Attack type number
0

Builders FirstSource

6031 Connection Dr, Suite 400, Irving, TX, US, 75039
Last Update: 2025-07-28 (UTC)

Excellent

Between 900 and 1000
http://www.bldr.com

Builders FirstSource is the nationโ€™s largest supplier of structural building products, value-added components and services to the professional market for new residential construction and repair and remodeling. Our focus is on providing unparalleled service to both large and small customers. Through investments in innovation and an unmatched portfolio of value-added products and manufacturing capabilities, weโ€™re revolutionizing the homebuilding industry โ€“ outperforming today and transforming tomorrow. Builders FirstSource and the Builders FirstSource logo are trademarks of Builders FirstSource, Inc. and/or its subsidiaries. ยฉ 2022 Builders FirstSource, Inc. All rights reserved. JOB SEEKERS: Beware of job scams and fake employment offers. It has come to our attention that fraudulent employment offers have been sent to job seekers by people who claim to be employees of Builders FirstSource (BFS). These scammers use a variety of tactics to engage with job seekers to commit identity theft, financial fraud, and other crimes. They can be very convincing, going as far as to steal the profile pictures of our actual recruiters from their LinkedIn profiles and using email addresses that contain words such as โ€˜@BuildersFirstSourceโ€™ or '@BFS.' The scammers will typically ask you to send money at some point (for equipment, training, or a uniform, etc.). A LEGITIMATE BFS RECRUITER OR HIRING MANAGER WILL NEVER ASK YOU TO SEND US MONEY. Also, you will never receive a job offer from us if we have not verbally interviewed you. If you ever receive an unsolicited or suspicious communication that demands any form of payment in connection with employment at BFS, you should consider it to be fraudulent and cease all contact with the sender. You can report US job scams to the FTC (www.ReportFraud.ftc.gov), your state attorney general, or econsumer.gov for international scams. You can also report any fraudulent activity to LinkedIn.

NAICS: 4233
NAICS Definition: Lumber and Other Construction Materials Merchant Wholesalers
Employees: 11,275
Subsidiaries: 7
12-month incidents
0
Known data breaches
0
Attack type number
0

Compliance Badges Comparison

Security & Compliance Standards Overview

https://images.rankiteo.com/companyimages/sherwood-lumber-corp.jpeg
Sherwood Lumber
โ€”
ISO 27001
Not verified
โ€”
SOC 2
Not verified
โ€”
GDPR
No public badge
โ€”
PCI DSS
No public badge
https://images.rankiteo.com/companyimages/builders-firstsource.jpeg
Builders FirstSource
โ€”
ISO 27001
Not verified
โ€”
SOC 2
Not verified
โ€”
GDPR
No public badge
โ€”
PCI DSS
No public badge
Compliance Summary
Sherwood Lumber
100%
Compliance Rate
0/4 Standards Verified
Builders FirstSource
0%
Compliance Rate
0/4 Standards Verified

Benchmark & Cyber Underwriting Signals

Incidents vs Wholesale Building Materials Industry Average (This Year)

No incidents recorded for Sherwood Lumber in 2025.

Incidents vs Wholesale Building Materials Industry Average (This Year)

No incidents recorded for Builders FirstSource in 2025.

Incident History โ€” Sherwood Lumber (X = Date, Y = Severity)

Sherwood Lumber cyber incidents detection timeline including parent company and subsidiaries

Incident History โ€” Builders FirstSource (X = Date, Y = Severity)

Builders FirstSource cyber incidents detection timeline including parent company and subsidiaries

Notable Incidents

Last 3 Security & Risk Events by Company

https://images.rankiteo.com/companyimages/sherwood-lumber-corp.jpeg
Sherwood Lumber
Incidents

No Incident

https://images.rankiteo.com/companyimages/builders-firstsource.jpeg
Builders FirstSource
Incidents

No Incident

FAQ

Builders FirstSource company company demonstrates a stronger AI risk posture compared to Sherwood Lumber company company, reflecting its advanced AI governance and monitoring frameworks.

Historically, Builders FirstSource company has disclosed a higher number of cyber incidents compared to Sherwood Lumber company.

In the current year, Builders FirstSource company and Sherwood Lumber company have not reported any cyber incidents.

Neither Builders FirstSource company nor Sherwood Lumber company has reported experiencing a ransomware attack publicly.

Neither Builders FirstSource company nor Sherwood Lumber company has reported experiencing a data breach publicly.

Neither Builders FirstSource company nor Sherwood Lumber company has reported experiencing targeted cyberattacks publicly.

Neither Sherwood Lumber company nor Builders FirstSource company has reported experiencing or disclosing vulnerabilities publicly.

Builders FirstSource company has more subsidiaries worldwide compared to Sherwood Lumber company.

Builders FirstSource company employs more people globally than Sherwood Lumber company, reflecting its scale as a Wholesale Building Materials.

Latest Global CVEs (Not Company-Specific)

Description

An issue was discovered in chinabugotech hutool before 5.8.4 allowing attackers to execute arbitrary expressions that lead to arbitrary method invocation and potentially remote code execution (RCE) via the QLExpressEngine class.

Published
Date
2025-09-25
Updated
Date
2025-09-25
References
Description

A weakness has been identified in JeecgBoot up to 3.8.2. The impacted element is an unknown function of the file /sys/role/exportXls. This manipulation causes improper authorization. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be exploited. The vendor was contacted early about this disclosure but did not respond in any way.

Published
Date
2025-09-25
Updated
Date
2025-09-25
Risk Information
cvss2
Base: 4.0
Severity: LOW
AV:N/AC:L/Au:S/C:P/I:N/A:N
cvss3
Base: 4.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
cvss4
Base: 5.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

A security flaw has been discovered in JeecgBoot up to 3.8.2. The affected element is an unknown function of the file /sys/user/exportXls of the component Filter Handler. The manipulation results in improper authorization. The attack may be performed from remote. The exploit has been released to the public and may be exploited. The vendor was contacted early about this disclosure but did not respond in any way.

Published
Date
2025-09-25
Updated
Date
2025-09-25
Risk Information
cvss2
Base: 4.0
Severity: LOW
AV:N/AC:L/Au:S/C:P/I:N/A:N
cvss3
Base: 4.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
cvss4
Base: 5.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

A vulnerability was identified in JeecgBoot up to 3.8.2. Impacted is an unknown function of the file /sys/tenant/deleteBatch. The manipulation of the argument ids leads to improper authorization. The attack is possible to be carried out remotely. The complexity of an attack is rather high. The exploitability is considered difficult. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.

Published
Date
2025-09-25
Updated
Date
2025-09-25
Risk Information
cvss2
Base: 2.1
Severity: HIGH
AV:N/AC:H/Au:S/C:P/I:N/A:N
cvss3
Base: 3.1
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
cvss4
Base: 2.3
Severity: HIGH
CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

A vulnerability was determined in JeecgBoot up to 3.8.2. This issue affects some unknown processing of the file /api/getDepartUserList. Executing manipulation of the argument departId can lead to improper authorization. The attack can be executed remotely. This attack is characterized by high complexity. The exploitability is assessed as difficult. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.

Published
Date
2025-09-25
Updated
Date
2025-09-25
Risk Information
cvss2
Base: 2.1
Severity: HIGH
AV:N/AC:H/Au:S/C:P/I:N/A:N
cvss3
Base: 3.1
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
cvss4
Base: 2.3
Severity: HIGH
CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References