Bezpečnostné alerty - AMAVEX, s.r.o.

Globálna vizualizácia hrozieb

--:--:--

Mapový podklad: OpenStreetMap

Aktívne toky: 0

Živé udalosti

Čas	Zdroj	Cieľ	Služba	Port	Priorita

Aktuálne hrozby

Aktualizované 14.04.2026 16:14

01

Bezpečnostné varovania

12 záznamov

Globálne 12 Slovensko 0 Kritické 0

02

Malvér

5 záznamov

Globálne 5 Slovensko 0 Kritické 1

03

Riziková infraštruktúra

1 záznamov

Globálne 1 Slovensko 0 Kritické 1

Bezpečnostné upozornenia

Dátum Názov Zdroj Score

13.04.2026 CVE-2012-1854 | Microsoft Visual Basic for Applications (VBA) CISA KEV 40

Popis: Microsoft Visual Basic for Applications (VBA) contains an insecure library loading vulnerability that could allow for remote code execution.

Znenie varovania:

Microsoft Visual Basic for Applications (VBA) contains an insecure library loading vulnerability that could allow for remote code execution. Required action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Odkaz: https://www.cisa.gov/known-exploited-vulnerabilities-catalog

13.04.2026 CVE-2025-60710 | Microsoft Windows CISA KEV 40

Popis: Microsoft Windows contains a link following vulnerability that allows for privilege escalation

Znenie varovania:

Microsoft Windows contains a link following vulnerability that allows for privilege escalation Required action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Odkaz: https://www.cisa.gov/known-exploited-vulnerabilities-catalog

13.04.2026 CVE-2023-21529 | Microsoft Exchange Server CISA KEV 40

Popis: Microsoft Exchange Server contains a deserialization of untrusted data that allows an authenticated attacker to achieve remote code execution.

Znenie varovania:

Microsoft Exchange Server contains a deserialization of untrusted data that allows an authenticated attacker to achieve remote code execution. Required action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Odkaz: https://www.cisa.gov/known-exploited-vulnerabilities-catalog

13.04.2026 CVE-2023-36424 | Microsoft Windows CISA KEV 40

Popis: Microsoft Windows Common Log File System Driver contains an out-of-bounds read vulnerability that could allow a threat actor for privileges escalation

Znenie varovania:

Microsoft Windows Common Log File System Driver contains an out-of-bounds read vulnerability that could allow a threat actor for privileges escalation Required action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Odkaz: https://www.cisa.gov/known-exploited-vulnerabilities-catalog

13.04.2026 CVE-2020-9715 | Adobe Acrobat CISA KEV 40

Popis: Adobe Acrobat contains a use-after-free vulnerability that allows for code execution

Znenie varovania:

Adobe Acrobat contains a use-after-free vulnerability that allows for code execution Required action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Odkaz: https://www.cisa.gov/known-exploited-vulnerabilities-catalog

13.04.2026 CVE-2026-21643 | Fortinet FortiClient EMS CISA KEV 40

Popis: Fortinet FortiClient EMS contains a SQL injection vulnerability that may allow an unauthenticated attacker to execute unauthorized code or commands via specifically crafted HTTP requests.

Znenie varovania:

Fortinet FortiClient EMS contains a SQL injection vulnerability that may allow an unauthenticated attacker to execute unauthorized code or commands via specifically crafted HTTP requests. Required action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Odkaz: https://www.cisa.gov/known-exploited-vulnerabilities-catalog

13.04.2026 CVE-2026-34621 | Adobe Acrobat and Reader CISA KEV 40

Popis: Adobe Acrobat and Reader contain a prototype pollution vulnerability that allows for arbitrary code execution.

Znenie varovania:

Adobe Acrobat and Reader contain a prototype pollution vulnerability that allows for arbitrary code execution. Required action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Odkaz: https://www.cisa.gov/known-exploited-vulnerabilities-catalog

08.04.2026 CVE-2026-1340 | Ivanti Endpoint Manager Mobile (EPMM) CISA KEV 40

Popis: Ivanti Endpoint Manager Mobile (EPMM) contains a code injection vulnerability that could allow attackers to achieve unauthenticated remote code execution.

Znenie varovania:

Ivanti Endpoint Manager Mobile (EPMM) contains a code injection vulnerability that could allow attackers to achieve unauthenticated remote code execution. Required action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Odkaz: https://www.cisa.gov/known-exploited-vulnerabilities-catalog

06.04.2026 CVE-2026-35616 | Fortinet FortiClient EMS CISA KEV 40

Popis: Fortinet FortiClient EMS contains an improper access control vulnerability that may allow an unauthenticated attacker to execute unauthorized code or commands via crafted requests.

Znenie varovania:

Fortinet FortiClient EMS contains an improper access control vulnerability that may allow an unauthenticated attacker to execute unauthorized code or commands via crafted requests. Required action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Odkaz: https://www.cisa.gov/known-exploited-vulnerabilities-catalog

02.04.2026 CVE-2026-3502 | TrueConf Client CISA KEV 40

Popis: TrueConf Client contains a download of code without integrity check vulnerability. An attacker who is able to influence the update delivery path can substitute a tampered update payload. If the payload is executed or installed by the updater, this may result in arbitrary code execution in the context of the updating process or user.

Znenie varovania:

TrueConf Client contains a download of code without integrity check vulnerability. An attacker who is able to influence the update delivery path can substitute a tampered update payload. If the payload is executed or installed by the updater, this may result in arbitrary code execution in the context of the updating process or user. Required action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Odkaz: https://www.cisa.gov/known-exploited-vulnerabilities-catalog

01.04.2026 CVE-2026-5281 | Google Dawn CISA KEV 40

Popis: Google Dawn contains an use-after-free vulnerability that could allow a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page. This vulnerability could affect multiple Chromium-based products including, but not limited to, Google Chrome, Microsoft Edge, and Opera.

Znenie varovania:

Google Dawn contains an use-after-free vulnerability that could allow a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page. This vulnerability could affect multiple Chromium-based products including, but not limited to, Google Chrome, Microsoft Edge, and Opera. Required action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Odkaz: https://www.cisa.gov/known-exploited-vulnerabilities-catalog

30.03.2026 CVE-2026-3055 | Citrix NetScaler CISA KEV 40

Popis: Citrix NetScaler ADC (formerly Citrix ADC), NetScaler Gateway (formerly Citrix Gateway) and NetScaler ADC FIPS and NDcPP contain an out-of-bounds reads vulnerability when configured as a SAML IDP leading to memory overread.

Znenie varovania:

Citrix NetScaler ADC (formerly Citrix ADC), NetScaler Gateway (formerly Citrix Gateway) and NetScaler ADC FIPS and NDcPP contain an out-of-bounds reads vulnerability when configured as a SAML IDP leading to memory overread. Required action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Odkaz: https://www.cisa.gov/known-exploited-vulnerabilities-catalog