Comparison Overview

Q: Between UCL company and PPD company, which one has the best AI Cybersecurity Score ?

PPD company demonstrates a stronger AI Cybersecurity Score compared to UCL company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

Q: Between UCL company and PPD company, which one has experienced more cyber incidents this year ?

In the current year, PPD company and UCL company have not reported any cyber incidents.

Q: Between UCL company and PPD company, which one has experienced at least one ransomware attack ?

UCL company has confirmed experiencing a ransomware attack, while PPD company has not reported such incidents publicly.

Q: Between UCL company and PPD company, which one has experienced at least one data breach ?

PPD company has disclosed at least one data breach, while UCL company has not reported such incidents publicly.

Q: Between UCL company and PPD company, which one has experienced at least one targeted cyberattack ?

Neither PPD company nor UCL company has reported experiencing targeted cyberattacks publicly.

Q: Between UCL company and PPD company, which one has experienced at least one vulnerability ?

Neither UCL company nor PPD company has reported experiencing or disclosing vulnerabilities publicly.

Q: Between UCL company and PPD company, which one holds the most compliance certifications ?

Neither UCL nor PPD holds any compliance certifications.

Q: Between UCL company and PPD company, which one has the most subsidiaries ?

PPD company has more subsidiaries worldwide compared to UCL company.

UCL

Gower Street, London, WC1E 6BT, London, Greater London, undefined, GB

Last Update: 2025-12-02

View Profile

Between 750 and 799

http://www.ucl.ac.uk/

UCL (University College London) is London's leading multidisciplinary university, ranked 9th in the QS World University Rankings. Established in 1826 UCL opened up education in England for the first time to students of any race, class or religion and was also the first university to welcome female students on equal terms with men. Today UCL is made up of remarkable people: eminent professors and exceptional students. Academic excellence and conducting research that addresses real-world problems inform our ethos to this day. To see more photos of UCL you can visit our Flickr Gallery: www.flickr.com/photos/uclnews/sets/ To view videos of UCL and our work, you can subscribe to our YouTube Channel: http://www.youtube.com/user/UCLTV Looking for a job at UCL? Find out more about working with us and view the latest vacancies: https://www.ucl.ac.uk/jobs

NAICS: 5417

NAICS Definition: Scientific Research and Development Services

Employees: 23,173

Subsidiaries: 3

12-month incidents

0

Known data breaches

0

Attack type number

1

View Profile

PPD

168 3rd Ave, Waltham, 02451, US

Last Update: 2025-12-02

Between 750 and 799

https://www.ppd.com

The PPD™ clinical research business of Thermo Fisher Scientific, the world leader in serving science, enables customers to accelerate innovation and drug development through patient-centered strategies and data analytics. Our services, which span multiple therapeutic areas, include early development, all phases of clinical development, peri- and post-approval, patient recruitment, investigator sites and comprehensive laboratory services. As a global industry leader, we offer custom solutions to pharma, biotech, medical device, and government organizations, leveraging cutting-edge technology and therapeutic expertise to help customers deliver life-changing therapies.

NAICS: 5417

NAICS Definition: Scientific Research and Development Services

Employees: 22,755

Subsidiaries: 18

12-month incidents

0

Known data breaches

1

Attack type number

1

https://images.rankiteo.com/companyimages/university-college-london.jpeg

UCL

—

ISO 27001

Not verified

—

SOC2 Type 1

Not verified

—

SOC2 Type 2

Not verified

—

GDPR

Not verified

—

PCI DSS

Not verified

—

HIPAA

Not verified

https://images.rankiteo.com/companyimages/ppd.jpeg

PPD

—

ISO 27001

Not verified

—

SOC2 Type 1

Not verified

—

SOC2 Type 2

Not verified

—

GDPR

Not verified

—

PCI DSS

Not verified

—

HIPAA

Not verified

Incidents vs Research Services Industry Average (This Year)

No incidents recorded for UCL in 2025.

Incidents vs Research Services Industry Average (This Year)

No incidents recorded for PPD in 2025.

Incident History — UCL (X = Date, Y = Severity)

UCL cyber incidents detection timeline including parent company and subsidiaries

Incident History — PPD (X = Date, Y = Severity)

PPD cyber incidents detection timeline including parent company and subsidiaries

UCL

Incidents

Date Detected: 06/2017

Type:Ransomware

Attack Vector: Malware

Motivation: Financial Gain

Blog: Blog

PPD

Incidents

Date Detected: 7/2017

Type:Breach

Attack Vector: Email Compromise

Blog: Blog

PPD company demonstrates a stronger AI Cybersecurity Score compared to UCL company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

UCL and PPD have experienced a similar number of publicly disclosed cyber incidents.

In the current year, PPD company and UCL company have not reported any cyber incidents.

UCL company has confirmed experiencing a ransomware attack, while PPD company has not reported such incidents publicly.

PPD company has disclosed at least one data breach, while UCL company has not reported such incidents publicly.

Neither PPD company nor UCL company has reported experiencing targeted cyberattacks publicly.

Neither UCL company nor PPD company has reported experiencing or disclosing vulnerabilities publicly.

Neither UCL nor PPD holds any compliance certifications.

Neither company holds any compliance certifications.

PPD company has more subsidiaries worldwide compared to UCL company.

UCL company employs more people globally than PPD company, reflecting its scale as a Research Services.

Neither UCL nor PPD holds SOC 2 Type 1 certification.

Neither UCL nor PPD holds SOC 2 Type 2 certification.

Neither UCL nor PPD holds ISO 27001 certification.

Neither UCL nor PPD holds PCI DSS certification.

Neither UCL nor PPD holds HIPAA certification.

Neither UCL nor PPD holds GDPR certification.

Description

MCP Server Kubernetes is an MCP Server that can connect to a Kubernetes cluster and manage it. Prior to 2.9.8, there is a security issue exists in the exec_in_pod tool of the mcp-server-kubernetes MCP Server. The tool accepts user-provided commands in both array and string formats. When a string format is provided, it is passed directly to shell interpretation (sh -c) without input validation, allowing shell metacharacters to be interpreted. This vulnerability can be exploited through direct command injection or indirect prompt injection attacks, where AI agents may execute commands without explicit user intent. This vulnerability is fixed in 2.9.8.

Published

Date

2025-12-03

Updated

Date

2025-12-03

Risk Information

cvss3

Base: 6.4

Severity: HIGH

CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H

References

Description

XML external entity (XXE) injection in eyoucms v1.7.1 allows remote attackers to cause a denial of service via crafted body of a POST request.

Published

Date

2025-12-03

Updated

Date

2025-12-03

References

https://github.com/weng-xianhu/eyoucms/issues/66

Description

An issue was discovered in Fanvil x210 V2 2.12.20 allowing unauthenticated attackers on the local network to access administrative functions of the device (e.g. file upload, firmware update, reboot...) via a crafted authentication bypass.

Published

Date

2025-12-03

Updated

Date

2025-12-03

References

Description

Cal.com is open-source scheduling software. Prior to 5.9.8, A flaw in the login credentials provider allows an attacker to bypass password verification when a TOTP code is provided, potentially gaining unauthorized access to user accounts. This issue exists due to problematic conditional logic in the authentication flow. This vulnerability is fixed in 5.9.8.

Published

Date

2025-12-03

Updated

Date

2025-12-03

Risk Information

cvss4

Base: 9.9

Severity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

References

https://github.com/calcom/cal.com/security/advisories/GHSA-9r3w-4j8q-pw98

Description

Rhino is an open-source implementation of JavaScript written entirely in Java. Prior to 1.8.1, 1.7.15.1, and 1.7.14.1, when an application passed an attacker controlled float poing number into the toFixed() function, it might lead to high CPU consumption and a potential Denial of Service. Small numbers go through this call stack: NativeNumber.numTo > DToA.JS_dtostr > DToA.JS_dtoa > DToA.pow5mult where pow5mult attempts to raise 5 to a ridiculous power. This vulnerability is fixed in 1.8.1, 1.7.15.1, and 1.7.14.1.

Published

Date

2025-12-03

Updated

Date

2025-12-03

Risk Information

cvss4

Base: 5.5

Severity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

References

https://github.com/mozilla/rhino/security/advisories/GHSA-3w8q-xq97-5j7x

Badge your company to reduce your risk score and your cyber insurance costs!

Comparison Overview

UCL

VS

PPD

UCL

PPD

Compliance Badges Comparison

Benchmark & Cyber Underwriting Signals

Incidents vs Research Services Industry Average (This Year)

Incidents vs Research Services Industry Average (This Year)

Incident History — UCL (X = Date, Y = Severity)

Incident History — PPD (X = Date, Y = Severity)

Notable Incidents

FAQ

Latest Global CVEs (Not Company-Specific)

CVE-2025-66404

Risk Information

CVE-2025-65868

CVE-2025-64055

CVE-2025-66489

Risk Information

CVE-2025-66453

Risk Information

Badge your company to reduce your risk score and your cyber insurance costs!

Comparison Overview

UCL

VS

PPD

UCL

PPD

Compliance Badges Comparison

Benchmark & Cyber Underwriting Signals

Incidents vs Research Services Industry Average (This Year)

Incidents vs Research Services Industry Average (This Year)

Incident History — UCL (X = Date, Y = Severity)

Incident History — PPD (X = Date, Y = Severity)

Notable Incidents

🔒 Incident : Ransomware UCL1210311022

🔒 Incident : Breach THE206072925

FAQ

Between UCL company and PPD company, which one has the best AI Cybersecurity Score ?

Between UCL company and PPD company, which one has experienced more cyber incidents in the past ?

Between UCL company and PPD company, which one has experienced more cyber incidents this year ?

Between UCL company and PPD company, which one has experienced at least one ransomware attack ?

Between UCL company and PPD company, which one has experienced at least one data breach ?

Between UCL company and PPD company, which one has experienced at least one targeted cyberattack ?

Between UCL company and PPD company, which one has experienced at least one vulnerability ?

Between UCL company and PPD company, which one holds the most compliance certifications ?

Between UCL company and PPD company, which one holds the fewest compliance certifications ?

Between UCL company and PPD company, which one has the most subsidiaries ?

Between UCL company and PPD company, which one has the largest number of employees ?

Between UCL and PPD, which company holds both SOC 2 Type 1 certifications ?

Between UCL and PPD, which company holds both SOC 2 Type 2 certifications ?

Which company is ISO 27001 certified — UCL or PPD ?

Which company is PCI DSS compliant — UCL or PPD ?

Between UCL and PPD, which company complies with HIPAA regulations for healthcare data ?

Between UCL and PPD, which company complies with GDPR requirements ?

Latest Global CVEs (Not Company-Specific)

CVE-2025-66404

Risk Information

CVE-2025-65868

CVE-2025-64055

CVE-2025-66489

Risk Information

CVE-2025-66453

Risk Information