Comparison Overview

Yami

140 S State College Blvd, Greater Los Angeles, California, 92821, US

Last Update: 2025-03-12 (UTC)

Between 800 and 900

http://www.yamibuy.com/

Strong

Founded in 2013, Yami’s mission is to bring the world closer for everyone to experience and enjoy. We make it easy to discover exciting flavors and trending products from across the pacific. Named Inc. Magazine’s fastest growing start-up on the ”Inc. 500 List.”, we’re committed to connecting people with authentic food, beauty, home, and wellness experiences through our e-commerce platform, iOS, and Android apps. Join us to unbox the best of Asia. Learn more at Yamibuy.com

NAICS: None

NAICS Definition:

Employees: 331

Subsidiaries: 0

12-month incidents

0

Known data breaches

0

Attack type number

0

YouTube

901 Cherry Ave., San Bruno, CA, 94066, US

Last Update: 2025-05-06 (UTC)

Strong

Between 800 and 900

http://www.youtube.com/jobs

YouTube is a team-oriented, creative workplace where every single employee has a voice in the choices we make and the features we implement. We work together in small teams to design, develop, and roll out key features and products in very short time frames. Which means something you write today could be seen by millions of viewers tomorrow. And even though we’re a part of Google and enjoy all of the corporate perks, it still feels like you’re working at a startup. YouTube is headquartered in San Bruno, California, 12 miles south of San Francisco. We also have many job openings in Mountain View, and across the globe

NAICS: 513

NAICS Definition: Others

Employees: 123,138

Subsidiaries: 44

12-month incidents

0

Known data breaches

5

Attack type number

5

Yami

—

ISO 27001

Not verified

—

SOC 2

Not verified

—

GDPR

No public badge

—

PCI DSS

No public badge

YouTube

—

ISO 27001

Not verified

—

SOC 2

Not verified

—

GDPR

No public badge

—

PCI DSS

No public badge

Incidents vs Technology, Information and Internet Industry Average (This Year)

No incidents recorded for Yami in 2025.

Incidents vs Technology, Information and Internet Industry Average (This Year)

No incidents recorded for YouTube in 2025.

Incident History — Yami (X = Date, Y = Severity)

Yami cyber incidents detection timeline including parent company and subsidiaries

Incident History — YouTube (X = Date, Y = Severity)

YouTube cyber incidents detection timeline including parent company and subsidiaries

Yami

Incidents

No Incident

YouTube

Incidents

Date Detected: 8/2025

Type:Cyber Attack

Attack Vector: Email Spoofing, Messaging Platform (WhatsApp)

Motivation: Financial Gain (Fraudulent Services/Products) or Data Theft

Blog: Blog

Date Detected: 8/2025

Type:Vulnerability

Attack Vector: Memory Allocator Manipulation, Heap Spraying, Dangling Pointer Dereference, Function Pointer Overwrite, Virtual Function Table Corruption, Race Conditions in Multithreaded Code, Callback-Based Object Lifetime Exploitation, JavaScript Engine Manipulation (e.g., Chrome FileReader), Pointer Authentication Bypass

Motivation: Arbitrary Code Execution, Privilege Escalation, Data Corruption, Bypassing Security Mitigations (DEP, ASLR, CFI), Exploit Development for Malware Distribution, Targeted Attacks on Browsers/OS/Critical Infrastructure

Blog: Blog

Date Detected: 8/2025

Type:Vulnerability

Attack Vector: Use-After-Free (UAF) vulnerability in the Linux HFSC queuing discipline

Motivation: Security Research and Bounty

Blog: Blog

Both Yami company and YouTube company demonstrate a comparable AI risk posture, with strong governance and monitoring frameworks in place.

YouTube company has historically faced a number of disclosed cyber incidents, whereas Yami company has not reported any.

In the current year, YouTube company has reported more cyber incidents than Yami company.

YouTube company has confirmed experiencing a ransomware attack, while Yami company has not reported such incidents publicly.

YouTube company has disclosed at least one data breach, while Yami company has not reported such incidents publicly.

YouTube company has reported targeted cyberattacks, while Yami company has not reported such incidents publicly.

YouTube company has disclosed at least one vulnerability, while Yami company has not reported such incidents publicly.

YouTube company has more subsidiaries worldwide compared to Yami company.

YouTube company employs more people globally than Yami company, reflecting its scale as a Technology, Information and Internet.

Description

Flowise is a drag & drop user interface to build a customized large language model flow. In versions prior to 3.0.8, WriteFileTool and ReadFileTool in Flowise do not restrict file path access, allowing authenticated attackers to exploit this vulnerability to read and write arbitrary files to any path in the file system, potentially leading to remote command execution. Flowise 3.0.8 fixes this vulnerability.

Published

Date

2025-10-08

Updated

Date

2025-10-08

Risk Information

cvss3

Base: 9.9

Severity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

References

Description

A flaw has been found in code-projects E-Commerce Website 1.0. Affected is an unknown function of the file /pages/supplier_add.php. Executing manipulation of the argument supp_email can lead to sql injection. The attack may be launched remotely. The exploit has been published and may be used.

Published

Date

2025-10-08

Updated

Date

2025-10-08

Risk Information

cvss2

Base: 6.5

Severity: LOW

AV:N/AC:L/Au:S/C:P/I:P/A:P

cvss3

Base: 6.3

Severity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

cvss4

Base: 5.3

Severity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

References

Description

A vulnerability was detected in code-projects E-Commerce Website 1.0. This impacts an unknown function of the file /pages/product_add.php. Performing manipulation of the argument prod_name results in sql injection. The attack may be initiated remotely. The exploit is now public and may be used.

Published

Date

2025-10-08

Updated

Date

2025-10-08

Risk Information

cvss2

Base: 6.5

Severity: LOW

AV:N/AC:L/Au:S/C:P/I:P/A:P

cvss3

Base: 6.3

Severity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

cvss4

Base: 5.3

Severity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

References

Description

A security vulnerability has been detected in code-projects Voting System 1.0. This affects an unknown function of the file /admin/voters_add.php. Such manipulation of the argument photo leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed publicly and may be used.

Published

Date

2025-10-08

Updated

Date

2025-10-08

Risk Information

cvss2

Base: 5.8

Severity: LOW

AV:N/AC:L/Au:M/C:P/I:P/A:P

cvss3

Base: 4.7

Severity: LOW

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L

cvss4

Base: 5.1

Severity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

References

Description

MongoDB Connector for BI installation via MSI on Windows leaves ACLs unset on custom install directories allows Privilege Escalation.This issue affects MongoDB Connector for BI: from 2.0.0 through 2.14.24.

Published

Date

2025-10-08

Updated

Date

2025-10-08

Risk Information

cvss4

Base: 8.8

Severity: LOW

CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

References

https://www.mongodb.com/docs/bi-connector/current/release-notes/#bi-2.14.25

Comparison Overview

Yami

VS

YouTube

Yami

YouTube

Compliance Badges Comparison

Benchmark & Cyber Underwriting Signals

Incidents vs Technology, Information and Internet Industry Average (This Year)

Incidents vs Technology, Information and Internet Industry Average (This Year)

Incident History — Yami (X = Date, Y = Severity)

Incident History — YouTube (X = Date, Y = Severity)

Notable Incidents

No Incident

FAQ

Latest Global CVEs (Not Company-Specific)

CVE-2025-61913

Risk Information

CVE-2025-11511

Risk Information

CVE-2025-11509

Risk Information

CVE-2025-11508

Risk Information

CVE-2025-11535

Risk Information

Comparison Overview

Yami

VS

YouTube

Yami

YouTube

Compliance Badges Comparison

Benchmark & Cyber Underwriting Signals

Incidents vs Technology, Information and Internet Industry Average (This Year)

Incidents vs Technology, Information and Internet Industry Average (This Year)

Incident History — Yami (X = Date, Y = Severity)

Incident History — YouTube (X = Date, Y = Severity)

Notable Incidents

No Incident

🔒 Incident : Cyber Attack GOO846082525

🔒 Incident : Vulnerability GOO407081825

🔒 Incident : Vulnerability GOO726080425

FAQ

Between Yami company and YouTube company, which one has the best A.I. risk score?

Between Yami company and YouTube company, which one has experienced more cyber incidents in the past?

Between Yami company and YouTube company, which one has experienced more cyber incidents this year?

Between Yami company and YouTube company, which one has experienced at least one ransomware attack?

Between Yami company and YouTube company, which one has experienced at least one data breach?

Between Yami company and YouTube company, which one has experienced at least one targeted cyberattack?

Between Yami company and YouTube company, which one has experienced at least one vulnerability?

Between Yami company and YouTube company, which one has the most subsidiaries?

Between Yami company and YouTube company, which one has the largest number of employees?

Latest Global CVEs (Not Company-Specific)

CVE-2025-61913

Risk Information

CVE-2025-11511

Risk Information

CVE-2025-11509

Risk Information

CVE-2025-11508

Risk Information

CVE-2025-11535

Risk Information