Comparison Overview

Yocha Dehe Wintun Nation

VS

Ministry of Energy of the Republic of Kazakhstan

Yocha Dehe Wintun Nation

18960 Puhkum Road Brooks, California 95606, US
Last Update: 2025-03-14 (UTC)
Between 900 and 1000
http://www.yochadehe.gov

Excellent

Yocha Dehe Wintun Nation is an independent, self-governed tribal nation located in Brooks, California. The Yocha Dehe Tribe is a sovereign Native American nation and is recognized by the United States. Operating under the Tribeโ€™s own constitution and bylaws, the Tribal Council enacts laws that govern its own sovereign lands and enterprises. The Yocha Dehe Wintun Nation Tribal Council is the governing body of the Tribe. The Tribe enjoys a productive government-to-government relationship with the State of California and Yolo County. As the Tribeโ€™s governing body, the Tribal Council negotiates government-to-government agreements with the State, the County and local agencies. The Tribal Council consists of five tribal citizens who are duly elected for three-year terms by the full Tribal Community Council. As a federally-recognized tribe, Yocha Dehe possesses the inherent authority to govern its own lands and people, and manage its own affairs, for the overall health and welfare of the Tribe and its citizens. Through an independent government, Yocha Dehe has established systems and operations designed to achieve the Tribe's various mission and values, which include fostering education and cultural renewal, protecting natural resources and achieving environmental sustainability, engaging in community giving and partnerships, securing economic self-sufficiency through sound business, and more generally, protecting the overall health and wellness of the Tribe's people. The Tribal Council oversees all areas of the tribal government and its business enterprises, evaluating and making final decisions with respect to the recommendations of the Tribeโ€™s various departments and committees. The Tribe also owns and operates a number of business enterprises, including Cache Creek Casino Resort and the Sรฉka Hills Olive Mill & Tasting Room.

NAICS: 922
NAICS Definition:
Employees: 51-200
Subsidiaries: 0
12-month incidents
0
Known data breaches
0
Attack type number
0

Ministry of Energy of the Republic of Kazakhstan

Kabanbay Batyr Avenue 19, Block A Astana, KZ
Last Update: 2025-03-16 (UTC)

Excellent

Between 900 and 1000
https://www.gov.kz

The Ministry carries out the formation and implementation of state policy, coordinates the management process in the fields of oil and gas, petrochemical industry, hydrocarbon transportation, in the field of uranium mining, state regulation of the production of petroleum products, gas and gas supply, the main pipeline, electricity, heat supply in the part of heat and power plants and boiler houses producing thermal energy in the district heating zone, nuclear energy, development of renewable energy sources.

NAICS: 922
NAICS Definition:
Employees: 10,001+
Subsidiaries: 0
12-month incidents
0
Known data breaches
0
Attack type number
0

Compliance Badges Comparison

Security & Compliance Standards Overview

https://images.rankiteo.com/companyimages/yocha-dehe-wintun-nation.jpeg
Yocha Dehe Wintun Nation
โ€”
ISO 27001
Not verified
โ€”
SOC 2
Not verified
โ€”
GDPR
No public badge
โ€”
PCI DSS
No public badge
https://images.rankiteo.com/companyimages/kazakhstan.jpeg
Ministry of Energy of the Republic of Kazakhstan
โ€”
ISO 27001
Not verified
โ€”
SOC 2
Not verified
โ€”
GDPR
No public badge
โ€”
PCI DSS
No public badge
Compliance Summary
Yocha Dehe Wintun Nation
100%
Compliance Rate
0/4 Standards Verified
Ministry of Energy of the Republic of Kazakhstan
0%
Compliance Rate
0/4 Standards Verified

Benchmark & Cyber Underwriting Signals

Incidents vs Government Administration Industry Average (This Year)

No incidents recorded for Yocha Dehe Wintun Nation in 2025.

Incidents vs Government Administration Industry Average (This Year)

No incidents recorded for Ministry of Energy of the Republic of Kazakhstan in 2025.

Incident History โ€” Yocha Dehe Wintun Nation (X = Date, Y = Severity)

Yocha Dehe Wintun Nation cyber incidents detection timeline including parent company and subsidiaries

Incident History โ€” Ministry of Energy of the Republic of Kazakhstan (X = Date, Y = Severity)

Ministry of Energy of the Republic of Kazakhstan cyber incidents detection timeline including parent company and subsidiaries

Notable Incidents

Last 3 Security & Risk Events by Company

https://images.rankiteo.com/companyimages/yocha-dehe-wintun-nation.jpeg
Yocha Dehe Wintun Nation
Incidents

No Incident

https://images.rankiteo.com/companyimages/kazakhstan.jpeg
Ministry of Energy of the Republic of Kazakhstan
Incidents

No Incident

FAQ

Both Yocha Dehe Wintun Nation company and Ministry of Energy of the Republic of Kazakhstan company demonstrate a comparable AI risk posture, with strong governance and monitoring frameworks in place.

Historically, Ministry of Energy of the Republic of Kazakhstan company has disclosed a higher number of cyber incidents compared to Yocha Dehe Wintun Nation company.

In the current year, Ministry of Energy of the Republic of Kazakhstan company and Yocha Dehe Wintun Nation company have not reported any cyber incidents.

Neither Ministry of Energy of the Republic of Kazakhstan company nor Yocha Dehe Wintun Nation company has reported experiencing a ransomware attack publicly.

Neither Ministry of Energy of the Republic of Kazakhstan company nor Yocha Dehe Wintun Nation company has reported experiencing a data breach publicly.

Neither Ministry of Energy of the Republic of Kazakhstan company nor Yocha Dehe Wintun Nation company has reported experiencing targeted cyberattacks publicly.

Neither Yocha Dehe Wintun Nation company nor Ministry of Energy of the Republic of Kazakhstan company has reported experiencing or disclosing vulnerabilities publicly.

Neither Yocha Dehe Wintun Nation company nor Ministry of Energy of the Republic of Kazakhstan company has publicly disclosed detailed information about the number of their subsidiaries.

Neither Yocha Dehe Wintun Nation company nor Ministry of Energy of the Republic of Kazakhstan company has publicly disclosed the exact number of their employees.

Latest Global CVEs (Not Company-Specific)

Description

An issue was discovered in chinabugotech hutool before 5.8.4 allowing attackers to execute arbitrary expressions that lead to arbitrary method invocation and potentially remote code execution (RCE) via the QLExpressEngine class.

Published
Date
2025-09-25
Updated
Date
2025-09-25
References
Description

A weakness has been identified in JeecgBoot up to 3.8.2. The impacted element is an unknown function of the file /sys/role/exportXls. This manipulation causes improper authorization. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be exploited. The vendor was contacted early about this disclosure but did not respond in any way.

Published
Date
2025-09-25
Updated
Date
2025-09-25
Risk Information
cvss2
Base: 4.0
Severity: LOW
AV:N/AC:L/Au:S/C:P/I:N/A:N
cvss3
Base: 4.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
cvss4
Base: 5.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

A security flaw has been discovered in JeecgBoot up to 3.8.2. The affected element is an unknown function of the file /sys/user/exportXls of the component Filter Handler. The manipulation results in improper authorization. The attack may be performed from remote. The exploit has been released to the public and may be exploited. The vendor was contacted early about this disclosure but did not respond in any way.

Published
Date
2025-09-25
Updated
Date
2025-09-25
Risk Information
cvss2
Base: 4.0
Severity: LOW
AV:N/AC:L/Au:S/C:P/I:N/A:N
cvss3
Base: 4.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
cvss4
Base: 5.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

A vulnerability was identified in JeecgBoot up to 3.8.2. Impacted is an unknown function of the file /sys/tenant/deleteBatch. The manipulation of the argument ids leads to improper authorization. The attack is possible to be carried out remotely. The complexity of an attack is rather high. The exploitability is considered difficult. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.

Published
Date
2025-09-25
Updated
Date
2025-09-25
Risk Information
cvss2
Base: 2.1
Severity: HIGH
AV:N/AC:H/Au:S/C:P/I:N/A:N
cvss3
Base: 3.1
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
cvss4
Base: 2.3
Severity: HIGH
CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

A vulnerability was determined in JeecgBoot up to 3.8.2. This issue affects some unknown processing of the file /api/getDepartUserList. Executing manipulation of the argument departId can lead to improper authorization. The attack can be executed remotely. This attack is characterized by high complexity. The exploitability is assessed as difficult. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.

Published
Date
2025-09-25
Updated
Date
2025-09-25
Risk Information
cvss2
Base: 2.1
Severity: HIGH
AV:N/AC:H/Au:S/C:P/I:N/A:N
cvss3
Base: 3.1
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
cvss4
Base: 2.3
Severity: HIGH
CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References