Lucene search
K

26 matches found

RedhatCVE
RedhatCVE
added 2026/01/30 3:24 a.m.7 views

CVE-2025-69604

An issue in Shirt Pocket's SuperDuper! 3.11 and earlier allow a local attacker to modify the default task template to install an arbitrary package that can run shell scripts with root privileges and Full Disk Access, thus bypassing macOS privacy controls...

7.8CVSS6AI score0.00096EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/01/29 12:0 a.m.8 views

Shirt Pocket SuperDuper! security vulnerability

Shirt Pocket SuperDuper! is a data backup, disk cloning, and recovery tool for macOS systems developed by Shirt Pocket. Versions of Shirt Pocket SuperDuper! 3.11 and earlier contain security vulnerabilities. These vulnerabilities stem from the default task templates being susceptible to...

7.8CVSS5.8AI score0.00096EPSS
Exploits0References3
GithubExploit
GithubExploit
added 2025/12/10 2:0 p.m.180 views

Exploit for Improper Access Control in Shirt-Pocket Superduper\!

CVE-2025-61229 Description From the developer's blog:...

8.4CVSS7.1AI score0.00257EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/12/02 12:20 a.m.5 views

CVE-2025-61228

An issue in Shirt Pocket SuperDuper! V.3.10 and before allows a local attacker to execute arbitrary code via the software update mechanism...

7.8CVSS7.7AI score0.00093EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/12/02 12:19 a.m.6 views

CVE-2025-61229

An issue in Shirt Pocket's SuperDuper! 3.10 and earlier allow a local attacker to modify the default task template to execute an arbitrary preflight script with root privileges and Full Disk Access, thus bypassing macOS privacy controls...

8.4CVSS7AI score0.00116EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/12/02 12:19 a.m.18 views

CVE-2025-57489

Incorrect access control in the SDAgent component of Shirt Pocket SuperDuper! v3.10 allows attackers to escalate privileges to root due to the improper use of a setuid binary...

8.1CVSS7.1AI score0.00257EPSS
Exploits1References1
EUVD
EUVD
added 2025/12/01 6:30 p.m.6 views

EUVD-2025-200026

An issue in Shirt Pocket SuperDuper! V.3.10 and before allows a local attacker to execute arbitrary code via the software update mechanism...

7.8CVSS7.2AI score0.00093EPSS
Exploits1References4
EUVD
EUVD
added 2025/12/01 6:30 p.m.6 views

EUVD-2025-200025

An issue in Shirt Pocket's SuperDuper! 3.10 and earlier allow a local attacker to modify the default task template to execute an arbitrary preflight script with root privileges and Full Disk Access, thus bypassing macOS privacy controls...

6.5AI score0.00116EPSS
Exploits1References4
EUVD
EUVD
added 2025/12/01 6:30 p.m.4 views

EUVD-2025-200027

Incorrect access control in the SDAgent component of Shirt Pocket SuperDuper! v3.10 allows attackers to escalate privileges to root due to the improper use of a setuid binary...

8.1CVSS6.6AI score0.00257EPSS
Exploits1References4
OSV
OSV
added 2025/12/01 4:15 p.m.5 views

CVE-2025-61228

An issue in Shirt Pocket SuperDuper! V.3.10 and before allows a local attacker to execute arbitrary code via the software update mechanism...

7.8CVSS6.1AI score0.00093EPSS
Exploits1References3
NVD
NVD
added 2025/12/01 4:15 p.m.5 views

CVE-2025-61228

An issue in Shirt Pocket SuperDuper! V.3.10 and before allows a local attacker to execute arbitrary code via the software update mechanism...

7.8CVSS0.00093EPSS
Exploits1References2
NVD
NVD
added 2025/12/01 4:15 p.m.5 views

CVE-2025-61229

An issue in Shirt Pocket's SuperDuper! 3.10 and earlier allow a local attacker to modify the default task template to execute an arbitrary preflight script with root privileges and Full Disk Access, thus bypassing macOS privacy controls...

8.4CVSS0.00116EPSS
Exploits1References2
OSV
OSV
added 2025/12/01 4:15 p.m.3 views

CVE-2025-57489

Incorrect access control in the SDAgent component of Shirt Pocket SuperDuper! v3.10 allows attackers to escalate privileges to root due to the improper use of a setuid binary...

8.1CVSS5.8AI score0.00257EPSS
Exploits1References3
NVD
NVD
added 2025/12/01 4:15 p.m.4 views

CVE-2025-57489

Incorrect access control in the SDAgent component of Shirt Pocket SuperDuper! v3.10 allows attackers to escalate privileges to root due to the improper use of a setuid binary...

8.1CVSS0.00257EPSS
Exploits1References2
CNNVD
CNNVD
added 2025/12/01 12:0 a.m.6 views

Shirt Pocket SuperDuper! 安全漏洞

Shirt Pocket SuperDuper! is a data backup, disk cloning and recovery tool for macOS from Shirt Pocket. A security vulnerability exists in version v3.10 of Shirt Pocket SuperDuper! that stems from improper access control of the SDAgent component, which could result in elevated privileges to root...

8.1CVSS6.5AI score0.00257EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2025/12/01 12:0 a.m.12 views

PT-2025-48484

Name of the Vulnerable Software and Affected Versions Shirt Pocket SuperDuper! versions 3.10 and earlier Description An issue exists that allows a local attacker to execute arbitrary code via the software update mechanism. Recommendations Update to a version later than 3.10...

7.8CVSS7.3AI score0.00093EPSS
Exploits1References7
Vulnrichment
Vulnrichment
added 2025/12/01 12:0 a.m.3 views

CVE-2025-61228

An issue in Shirt Pocket SuperDuper! V.3.10 and before allows a local attacker to execute arbitrary code via the software update mechanism...

7.3AI score0.00093EPSS
Exploits1References2
CNNVD
CNNVD
added 2025/12/01 12:0 a.m.3 views

Shirt Pocket SuperDuper! 安全漏洞

Shirt Pocket SuperDuper! is a data backup, disk cloning and recovery tool for macOS from Shirt Pocket. A security vulnerability exists in Shirt Pocket SuperDuper! V.3.10 and earlier versions that originates from a local attacker who can execute arbitrary code via the software update mechanism...

7.8CVSS7.2AI score0.00093EPSS
Exploits1References4
CVE
CVE
added 2025/12/01 12:0 a.m.17 views

CVE-2025-61228

CVE-2025-61228 affects Shirt Pocket SuperDuper! versions 3.10 and earlier. The issue allows a local attacker to execute arbitrary code via the software update mechanism. The available sources indicate the vulnerability exists in pre-3.11 builds; mitigation is to update to version 3.11 (or later)....

7.8CVSS7.3AI score0.00093EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2025/12/01 12:0 a.m.33 views

CVE-2025-57489

Technical details for CVE-2025-57489 are not publicly available in the provided connected documents. Monitor for updates.

8.1CVSS6.7AI score0.00257EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder