Comparison Overview

Yocha Dehe Wintun Nation

VS

City of Philadelphia

Yocha Dehe Wintun Nation

18960 Puhkum Road Brooks, California 95606, US
Last Update: 2025-03-14 (UTC)
Between 900 and 1000
http://www.yochadehe.gov

Excellent

Yocha Dehe Wintun Nation is an independent, self-governed tribal nation located in Brooks, California. The Yocha Dehe Tribe is a sovereign Native American nation and is recognized by the United States. Operating under the Tribeโ€™s own constitution and bylaws, the Tribal Council enacts laws that govern its own sovereign lands and enterprises. The Yocha Dehe Wintun Nation Tribal Council is the governing body of the Tribe. The Tribe enjoys a productive government-to-government relationship with the State of California and Yolo County. As the Tribeโ€™s governing body, the Tribal Council negotiates government-to-government agreements with the State, the County and local agencies. The Tribal Council consists of five tribal citizens who are duly elected for three-year terms by the full Tribal Community Council. As a federally-recognized tribe, Yocha Dehe possesses the inherent authority to govern its own lands and people, and manage its own affairs, for the overall health and welfare of the Tribe and its citizens. Through an independent government, Yocha Dehe has established systems and operations designed to achieve the Tribe's various mission and values, which include fostering education and cultural renewal, protecting natural resources and achieving environmental sustainability, engaging in community giving and partnerships, securing economic self-sufficiency through sound business, and more generally, protecting the overall health and wellness of the Tribe's people. The Tribal Council oversees all areas of the tribal government and its business enterprises, evaluating and making final decisions with respect to the recommendations of the Tribeโ€™s various departments and committees. The Tribe also owns and operates a number of business enterprises, including Cache Creek Casino Resort and the Sรฉka Hills Olive Mill & Tasting Room.

NAICS: 922
NAICS Definition:
Employees: 51-200
Subsidiaries: 0
12-month incidents
0
Known data breaches
0
Attack type number
0

City of Philadelphia

City Hall, None, Philadelphia, PA, US, 19102
Last Update: 2025-07-25 (UTC)

Strong

Between 800 and 900
http://www.phila.gov

With a workforce of 30,000 people, and opportunities in 1,000 different job categories, the City of Philadelphia is one of the largest employers in Southeastern Pennsylvania. As an employer, we operate through the guiding principles of service, integrity, respect, accountability, collaboration, diversity and inclusion. We strive to effectively deliver services, to resolve the challenges facing our city, and to make Philadelphia a place where all of our residents have the opportunity to reach their potential. To learn more about job opportunities, visit www.phila.gov or follow #PHLCityJobs.

NAICS: 92
NAICS Definition: Public Administration
Employees: 11,387
Subsidiaries: 6
12-month incidents
0
Known data breaches
3
Attack type number
1

Compliance Badges Comparison

Security & Compliance Standards Overview

https://images.rankiteo.com/companyimages/yocha-dehe-wintun-nation.jpeg
Yocha Dehe Wintun Nation
โ€”
ISO 27001
Not verified
โ€”
SOC 2
Not verified
โ€”
GDPR
No public badge
โ€”
PCI DSS
No public badge
https://images.rankiteo.com/companyimages/city-of-philadelphia.jpeg
City of Philadelphia
โ€”
ISO 27001
Not verified
โ€”
SOC 2
Not verified
โ€”
GDPR
No public badge
โ€”
PCI DSS
No public badge
Compliance Summary
Yocha Dehe Wintun Nation
100%
Compliance Rate
0/4 Standards Verified
City of Philadelphia
0%
Compliance Rate
0/4 Standards Verified

Benchmark & Cyber Underwriting Signals

Incidents vs Government Administration Industry Average (This Year)

No incidents recorded for Yocha Dehe Wintun Nation in 2025.

Incidents vs Government Administration Industry Average (This Year)

No incidents recorded for City of Philadelphia in 2025.

Incident History โ€” Yocha Dehe Wintun Nation (X = Date, Y = Severity)

Yocha Dehe Wintun Nation cyber incidents detection timeline including parent company and subsidiaries

Incident History โ€” City of Philadelphia (X = Date, Y = Severity)

City of Philadelphia cyber incidents detection timeline including parent company and subsidiaries

Notable Incidents

Last 3 Security & Risk Events by Company

https://images.rankiteo.com/companyimages/yocha-dehe-wintun-nation.jpeg
Yocha Dehe Wintun Nation
Incidents

No Incident

https://images.rankiteo.com/companyimages/city-of-philadelphia.jpeg
City of Philadelphia
Incidents

Date Detected: 10/2023
Type:Breach
Attack Vector: Cyberattack
Blog: Blog

Date Detected: 5/2023
Type:Breach
Attack Vector: Unauthorized Access
Blog: Blog

Date Detected: 3/2020
Type:Breach
Attack Vector: Phishing
Blog: Blog

FAQ

Yocha Dehe Wintun Nation company company demonstrates a stronger AI risk posture compared to City of Philadelphia company company, reflecting its advanced AI governance and monitoring frameworks.

City of Philadelphia company has historically faced a number of disclosed cyber incidents, whereas Yocha Dehe Wintun Nation company has not reported any.

In the current year, City of Philadelphia company and Yocha Dehe Wintun Nation company have not reported any cyber incidents.

Neither City of Philadelphia company nor Yocha Dehe Wintun Nation company has reported experiencing a ransomware attack publicly.

City of Philadelphia company has disclosed at least one data breach, while Yocha Dehe Wintun Nation company has not reported such incidents publicly.

Neither City of Philadelphia company nor Yocha Dehe Wintun Nation company has reported experiencing targeted cyberattacks publicly.

Neither Yocha Dehe Wintun Nation company nor City of Philadelphia company has reported experiencing or disclosing vulnerabilities publicly.

City of Philadelphia company has more subsidiaries worldwide compared to Yocha Dehe Wintun Nation company.

City of Philadelphia company employs more people globally than Yocha Dehe Wintun Nation company, reflecting its scale as a Government Administration.

Latest Global CVEs (Not Company-Specific)

Description

An issue was discovered in chinabugotech hutool before 5.8.4 allowing attackers to execute arbitrary expressions that lead to arbitrary method invocation and potentially remote code execution (RCE) via the QLExpressEngine class.

Published
Date
2025-09-25
Updated
Date
2025-09-25
References
Description

A weakness has been identified in JeecgBoot up to 3.8.2. The impacted element is an unknown function of the file /sys/role/exportXls. This manipulation causes improper authorization. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be exploited. The vendor was contacted early about this disclosure but did not respond in any way.

Published
Date
2025-09-25
Updated
Date
2025-09-25
Risk Information
cvss2
Base: 4.0
Severity: LOW
AV:N/AC:L/Au:S/C:P/I:N/A:N
cvss3
Base: 4.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
cvss4
Base: 5.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

A security flaw has been discovered in JeecgBoot up to 3.8.2. The affected element is an unknown function of the file /sys/user/exportXls of the component Filter Handler. The manipulation results in improper authorization. The attack may be performed from remote. The exploit has been released to the public and may be exploited. The vendor was contacted early about this disclosure but did not respond in any way.

Published
Date
2025-09-25
Updated
Date
2025-09-25
Risk Information
cvss2
Base: 4.0
Severity: LOW
AV:N/AC:L/Au:S/C:P/I:N/A:N
cvss3
Base: 4.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
cvss4
Base: 5.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

A vulnerability was identified in JeecgBoot up to 3.8.2. Impacted is an unknown function of the file /sys/tenant/deleteBatch. The manipulation of the argument ids leads to improper authorization. The attack is possible to be carried out remotely. The complexity of an attack is rather high. The exploitability is considered difficult. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.

Published
Date
2025-09-25
Updated
Date
2025-09-25
Risk Information
cvss2
Base: 2.1
Severity: HIGH
AV:N/AC:H/Au:S/C:P/I:N/A:N
cvss3
Base: 3.1
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
cvss4
Base: 2.3
Severity: HIGH
CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

A vulnerability was determined in JeecgBoot up to 3.8.2. This issue affects some unknown processing of the file /api/getDepartUserList. Executing manipulation of the argument departId can lead to improper authorization. The attack can be executed remotely. This attack is characterized by high complexity. The exploitability is assessed as difficult. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.

Published
Date
2025-09-25
Updated
Date
2025-09-25
Risk Information
cvss2
Base: 2.1
Severity: HIGH
AV:N/AC:H/Au:S/C:P/I:N/A:N
cvss3
Base: 3.1
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
cvss4
Base: 2.3
Severity: HIGH
CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References