Comparison Overview

United Way for the City of Kawartha Lakes

VS

Zaz Ventures

United Way for the City of Kawartha Lakes

50 Mary St W, Lindsay, Ontario, K9V 2N6, CA
Last Update: 2025-12-17
View Profile
Between 750 and 799
http://www.ckl-unitedway.ca

United Way Mission Statement “To improve lives and build community by engaging individuals and mobilizing collective action.” United Way CKL Mission Statement "To build a strong community and improve lives in Haliburton and Kawartha Lakes" Vision Statement Bring communities together to ensure everyone has the opportunity to reach their full potential To do this, we aim to: Energize and inspire people to make a difference. Provide meaningful opportunities for individuals to realize their potential by demonstrating volunteer leadership in service to community. Reflect the diversity of the communities we serve. Craft human care agendas within and across our communities. Build coalitions around these agendas. Increase investments in these agendas by expanding and diversifying our own resource development and fundraising efforts along with supporting others. Ensure that these investments have recognizable impact.

NAICS: 561
NAICS Definition:
Employees: 8
Subsidiaries: 0
12-month incidents
0
Known data breaches
0
Attack type number
0
View Profile

Zaz Ventures

Square de Meeus 35, Brussels, 1000, BE
Last Update: 2025-12-17
Between 750 and 799
http://www.zazventures.com

Zaz Ventures is a top-tier pan-European boutique consulting firm, specializing in securing public and private funding for cutting-edge deep tech startups. We are experts in navigating complex funding landscapes, particularly through the European Innovation Council (Accelerator, Transition, Pathfinder). Our firm is part of a larger group that includes a Family Office and Da Vinci Labs, a deep tech incubator. Since 2014, we have raised €1.7Bn of Public Funding for 420+ clients in the Horizon 2020 and Horizon Europe programmes, with success rates consistently 4 to 5 times above the average. We excel in the most competitive instruments, such as the EIC Accelerator and EIC STEP Scale-Up, where we have helped 146 deeptech startups to raise over €1.3Bn of grant and equity funding, across a variety of domains: ICT, Robotics, AI, Quantum, Cybersecurity, Counter-Terrorism, Transport, Smart Cities, Manufacturing, Nanomaterials, Biotechnology, Synthetic Biology, Health, Agriculture, Food, Aquaculture & Fisheries, Energy, Space, Raw Materials, Environment, Cleantech, Circular Economy. What makes us unique is our no-win-no-pay proposal writing approach in highly competitive funding instruments such as the EIC Accelerator: we only get paid if and when you receive the funding. This means no upfront costs for you and a complete alignment between us in building a winning proposal and succeeding together. Are you a superhero team looking for Horizon Europe funding? Please reach out to us at [email protected] Follow us on Bluesky: @horizonexperts.bsky.social or visit: www.zazventures.com

NAICS: 561499
NAICS Definition: All Other Business Support Services
Employees: 68
Subsidiaries: 0
12-month incidents
0
Known data breaches
0
Attack type number
0

Compliance Badges Comparison

Security & Compliance Standards Overview

https://images.rankiteo.com/companyimages/united-way-for-the-city-of-kawartha-lakes.jpeg
United Way for the City of Kawartha Lakes
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
https://images.rankiteo.com/companyimages/zaz-ventures.jpeg
Zaz Ventures
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
Compliance Summary
United Way for the City of Kawartha Lakes
100%
Compliance Rate
0/4 Standards Verified
Zaz Ventures
0%
Compliance Rate
0/4 Standards Verified

Benchmark & Cyber Underwriting Signals

Incidents vs Fundraising Industry Average (This Year)

No incidents recorded for United Way for the City of Kawartha Lakes in 2025.

Incidents vs Fundraising Industry Average (This Year)

No incidents recorded for Zaz Ventures in 2025.

Incident History — United Way for the City of Kawartha Lakes (X = Date, Y = Severity)

United Way for the City of Kawartha Lakes cyber incidents detection timeline including parent company and subsidiaries

Incident History — Zaz Ventures (X = Date, Y = Severity)

Zaz Ventures cyber incidents detection timeline including parent company and subsidiaries

Notable Incidents

Last 3 Security & Risk Events by Company

https://images.rankiteo.com/companyimages/united-way-for-the-city-of-kawartha-lakes.jpeg
United Way for the City of Kawartha Lakes
Incidents

No Incident

https://images.rankiteo.com/companyimages/zaz-ventures.jpeg
Zaz Ventures
Incidents

No Incident

FAQ

Both United Way for the City of Kawartha Lakes company and Zaz Ventures company demonstrate a comparable AI Cybersecurity Score, with strong governance and monitoring frameworks in place.

Historically, Zaz Ventures company has disclosed a higher number of cyber incidents compared to United Way for the City of Kawartha Lakes company.

In the current year, Zaz Ventures company and United Way for the City of Kawartha Lakes company have not reported any cyber incidents.

Neither Zaz Ventures company nor United Way for the City of Kawartha Lakes company has reported experiencing a ransomware attack publicly.

Neither Zaz Ventures company nor United Way for the City of Kawartha Lakes company has reported experiencing a data breach publicly.

Neither Zaz Ventures company nor United Way for the City of Kawartha Lakes company has reported experiencing targeted cyberattacks publicly.

Neither United Way for the City of Kawartha Lakes company nor Zaz Ventures company has reported experiencing or disclosing vulnerabilities publicly.

Neither United Way for the City of Kawartha Lakes nor Zaz Ventures holds any compliance certifications.

Neither company holds any compliance certifications.

Neither United Way for the City of Kawartha Lakes company nor Zaz Ventures company has publicly disclosed detailed information about the number of their subsidiaries.

Zaz Ventures company employs more people globally than United Way for the City of Kawartha Lakes company, reflecting its scale as a Fundraising.

Neither United Way for the City of Kawartha Lakes nor Zaz Ventures holds SOC 2 Type 1 certification.

Neither United Way for the City of Kawartha Lakes nor Zaz Ventures holds SOC 2 Type 2 certification.

Neither United Way for the City of Kawartha Lakes nor Zaz Ventures holds ISO 27001 certification.

Neither United Way for the City of Kawartha Lakes nor Zaz Ventures holds PCI DSS certification.

Neither United Way for the City of Kawartha Lakes nor Zaz Ventures holds HIPAA certification.

Neither United Way for the City of Kawartha Lakes nor Zaz Ventures holds GDPR certification.

Latest Global CVEs (Not Company-Specific)

Description

Versa SASE Client for Windows versions released between 7.8.7 and 7.9.4 contain a local privilege escalation vulnerability in the audit log export functionality. The client communicates user-controlled file paths to a privileged service, which performs file system operations without impersonating the requesting user. Due to improper privilege handling and a time-of-check time-of-use race condition combined with symbolic link and mount point manipulation, a local authenticated attacker can coerce the service into deleting arbitrary directories with SYSTEM privileges. This can be exploited to delete protected system folders such as C:\\Config.msi and subsequently achieve execution as NT AUTHORITY\\SYSTEM via MSI rollback techniques.

Published
Date
2025-12-20
Updated
Date
2025-12-20
Risk Information
cvss4
Base: 8.5
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

The WP JobHunt plugin for WordPress, used by the JobCareer theme, is vulnerable to unauthorized modification of data due to a missing capability check on the 'cs_update_application_status_callback' function in all versions up to, and including, 7.7. This makes it possible for authenticated attackers, with Candidate-level access and above, to inject cross-site scripting into the 'status' parameter of applied jobs for any user.

Published
Date
2025-12-20
Updated
Date
2025-12-20
Risk Information
cvss3
Base: 7.6
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L
References
Description

The WP JobHunt plugin for WordPress, used by the JobCareer theme, is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 7.7 via the 'cs_update_application_status_callback' due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Candidate-level access and above, to send a site-generated email with injected HTML to any user.

Published
Date
2025-12-20
Updated
Date
2025-12-20
Risk Information
cvss3
Base: 4.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
References
Description

The FiboSearch – Ajax Search for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's `thegem_te_search` shortcode in all versions up to, and including, 1.32.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This vulnerability requires TheGem theme (premium) to be installed with Header Builder mode enabled, and the FiboSearch "Replace search bars" option enabled for TheGem integration.

Published
Date
2025-12-20
Updated
Date
2025-12-20
Risk Information
cvss3
Base: 5.4
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
References
Description

The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.11.0 via the ajax_get_members function. This is due to the use of a predictable low-entropy token (5 hex characters derived from md5 of post ID) to identify member directories and insufficient authorization checks on the unauthenticated AJAX endpoint. This makes it possible for unauthenticated attackers to extract sensitive data including usernames, display names, user roles (including administrator accounts), profile URLs, and user IDs by enumerating predictable directory_id values or brute-forcing the small 16^5 token space.

Published
Date
2025-12-20
Updated
Date
2025-12-20
Risk Information
cvss3
Base: 5.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
References