Comparison Overview

VueOps®

945 Front St, San Francisco, California, 94111, US

Last Update: 2025-03-11 (UTC)

Between 900 and 1000

http://www.vueops.com

Excellent

VueOps® SiteLine, the most powerful facilities search engine available, allows you and your team to quickly and efficiently investigate building data, documents, drawings, and models to solve any problem quickly. We close the gap between design and construction and provide a smart and easy way to find construction turnover documents, manage warranty issues, and find information about assets installed in the facility, using search and 2D drawings and/or 3D building information models. VueOps® helps you Know Your Building Inside Out®, exceed your facility design and performance goals, and improve building-life cycle management. VueOps is part of the DPR Construction Family of Companies.

NAICS: 511

NAICS Definition:

Employees: 11

Subsidiaries: 8

12-month incidents

0

Known data breaches

0

Attack type number

0

TOTVS

Av Braz Leme, 1000, Sao Paulo, SP, 02511-900, BR

Last Update: 2025-05-06 (UTC)

Strong

Between 800 and 900

https://www.totvs.com

Olá, somos a TOTVS! A maior empresa de tecnologia do Brasil. 🤓 Líder absoluta em sistemas e plataformas para empresas, a TOTVS possui mais de 70 mil clientes. Indo muito além do ERP, oferece tecnologia completa para digitalização dos negócios por meio de 3 unidades de negócio: - Gestão, com sistemas para automatizar processos das atividades fim e do backoffice da operação; 💻 - Techfin, oferecendo serviços financeiros personalizados por meio dos seus sistemas; 💸 - RD Station, com soluções para as empresas venderem mais e crescerem. 🚀 Nos últimos 5 anos, a companhia investiu R$3 bilhões em pesquisa e desenvolvimento para atender de maneira cada vez mais especializada empresas de 12 segmentos da economia, tornando-se um trusted advisor de seus clientes. A TOTVS é uma potência tecnológica que apoia a evolução de empresas de norte a sul do país. O Brasil, que faz, faz com TOTVS.

NAICS: 5112

NAICS Definition: Software Publishers

Employees: 14,067

Subsidiaries: 0

12-month incidents

0

Known data breaches

0

Attack type number

0

VueOps®

—

ISO 27001

Not verified

—

SOC 2

Not verified

—

GDPR

No public badge

—

PCI DSS

No public badge

TOTVS

—

ISO 27001

Not verified

—

SOC 2

Not verified

—

GDPR

No public badge

—

PCI DSS

No public badge

Incidents vs Software Development Industry Average (This Year)

No incidents recorded for VueOps® in 2025.

Incidents vs Software Development Industry Average (This Year)

No incidents recorded for TOTVS in 2025.

Incident History — VueOps® (X = Date, Y = Severity)

VueOps® cyber incidents detection timeline including parent company and subsidiaries

Incident History — TOTVS (X = Date, Y = Severity)

TOTVS cyber incidents detection timeline including parent company and subsidiaries

VueOps®

Incidents

No Incident

TOTVS

Incidents

No Incident

VueOps® company company demonstrates a stronger AI risk posture compared to TOTVS company company, reflecting its advanced AI governance and monitoring frameworks.

Historically, TOTVS company has disclosed a higher number of cyber incidents compared to VueOps® company.

In the current year, TOTVS company and VueOps® company have not reported any cyber incidents.

Neither TOTVS company nor VueOps® company has reported experiencing a ransomware attack publicly.

Neither TOTVS company nor VueOps® company has reported experiencing a data breach publicly.

Neither TOTVS company nor VueOps® company has reported experiencing targeted cyberattacks publicly.

Neither VueOps® company nor TOTVS company has reported experiencing or disclosing vulnerabilities publicly.

VueOps® company has more subsidiaries worldwide compared to TOTVS company.

TOTVS company employs more people globally than VueOps® company, reflecting its scale as a Software Development.

Description

Volto is a ReactJS-based frontend for the Plone Content Management System. Versions 16.34.0 and below, 17.0.0 through 17.22.1, 18.0.0 through 18.27.1, and 19.0.0-alpha.1 through 19.0.0-alpha.5, an anonymous user could cause the NodeJS server part of Volto to quit with an error when visiting a specific URL. This issue is fixed in versions 16.34.1, 17.22.2, 18.27.2 and 19.0.0-alpha.6.

Published

Date

2025-10-02

Updated

Date

2025-10-02

Risk Information

cvss4

Base: 8.7

Severity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

References

Description

Traccar is an open source GPS tracking system. Default installs of Traccar on Windows between versions 6.1- 6.8.1 and non default installs between versions 5.8 - 6.0 are vulnerable to unauthenticated local file inclusion attacks which can lead to leakage of passwords or any file on the file system including the Traccar configuration file. Versions 5.8 - 6.0 are only vulnerable if <entry key='web.override'>./override</entry> is set in the configuration file. Versions 6.1 - 6.8.1 are vulnerable by default as the web override is enabled by default. The vulnerable code is removed in version 6.9.0.

Published

Date

2025-10-02

Updated

Date

2025-10-02

Risk Information

cvss4

Base: 8.7

Severity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

References

Description

Stalwart is a mail and collaboration server. Versions 0.13.3 and below contain an unbounded memory allocation vulnerability in the IMAP protocol parser which allows remote attackers to exhaust server memory, potentially triggering the system's out-of-memory (OOM) killer and causing a denial of service. The CommandParser implementation enforces size limits on its dynamic buffer in most parsing states, but several state handlers omit these validation checks. This issue is fixed in version 0.13.4. A workaround for this issue is to implement rate limiting and connection monitoring at the network level, however this does not provide complete protection.

Published

Date

2025-10-02

Updated

Date

2025-10-02

Risk Information

cvss3

Base: 7.5

Severity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References

Description

WeGIA is an open source web manager with a focus on charitable institutions. Versions 3.4.12 and below contain a Broken Access Control vulnerability, identified in the get_relatorios_socios.php endpoint. This vulnerability allows unauthenticated attackers to directly access sensitive personal and financial information of members without requiring authentication or authorization. This issue is fixed in version 3.5.0.

Published

Date

2025-10-02

Updated

Date

2025-10-02

Risk Information

cvss4

Base: 8.7

Severity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

References

Description

WeGIA is an open source web manager with a focus on charitable institutions. Versions 3.4.12 and below contain an Open Redirect vulnerability, identified in the control.php endpoint, specifically in the nextPage parameter (metodo=listarUmnomeClasse=FuncionarioControle). This vulnerability allows attackers to redirect users to arbitrary external domains, enabling phishing campaigns, malicious payload distribution, or user credential theft. This issue is fixed in version 3.5.0.

Published

Date

2025-10-02

Updated

Date

2025-10-02

Risk Information

cvss4

Base: 4.8

Severity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

References

Comparison Overview

VueOps®

VS

TOTVS

VueOps®

TOTVS

Compliance Badges Comparison

Benchmark & Cyber Underwriting Signals

Incidents vs Software Development Industry Average (This Year)

Incidents vs Software Development Industry Average (This Year)

Incident History — VueOps® (X = Date, Y = Severity)

Incident History — TOTVS (X = Date, Y = Severity)

Notable Incidents

No Incident

No Incident

FAQ

Latest Global CVEs (Not Company-Specific)

CVE-2025-61668

Risk Information

CVE-2025-61666

Risk Information

CVE-2025-61600

Risk Information

CVE-2025-61665

Risk Information

CVE-2025-61606

Risk Information

Comparison Overview

VueOps®

VS

TOTVS

VueOps®

TOTVS

Compliance Badges Comparison

Benchmark & Cyber Underwriting Signals

Incidents vs Software Development Industry Average (This Year)

Incidents vs Software Development Industry Average (This Year)

Incident History — VueOps® (X = Date, Y = Severity)

Incident History — TOTVS (X = Date, Y = Severity)

Notable Incidents

No Incident

No Incident

FAQ

Between VueOps® company and TOTVS company, which one has the best A.I. risk score?

Between VueOps® company and TOTVS company, which one has experienced more cyber incidents in the past?

Between VueOps® company and TOTVS company, which one has experienced more cyber incidents this year?

Between VueOps® company and TOTVS company, which one has experienced at least one ransomware attack?

Between VueOps® company and TOTVS company, which one has experienced at least one data breach?

Between VueOps® company and TOTVS company, which one has experienced at least one targeted cyberattack?

Between VueOps® company and TOTVS company, which one has experienced at least one vulnerability?

Between VueOps® company and TOTVS company, which one has the most subsidiaries?

Between VueOps® company and TOTVS company, which one has the largest number of employees?

Latest Global CVEs (Not Company-Specific)

CVE-2025-61668

Risk Information

CVE-2025-61666

Risk Information

CVE-2025-61600

Risk Information

CVE-2025-61665

Risk Information

CVE-2025-61606

Risk Information