CVE-2025-69604

An issue in Shirt Pocket's SuperDuper! 3.11 and earlier allow a local attacker to modify the default task template to install an arbitrary package that can run shell scripts with root privileges and Full Disk Access, thus bypassing macOS privacy controls...

CVE-2025-69604

An issue in Shirt Pocket's SuperDuper! 3.11 and earlier allow a local attacker to modify the default task template to install an arbitrary package that can run shell scripts with root privileges and Full Disk Access, thus bypassing macOS privacy controls...

EUVD-2025-206519

An issue in Shirt Pocket's SuperDuper! 3.11 and earlier allow a local attacker to modify the default task template to install an arbitrary package that can run shell scripts with root privileges and Full Disk Access, thus bypassing macOS privacy controls...

CVE-2025-69604

CVE-2025-69604 affects Shirt Pocket’s SuperDuper! 3.11 and earlier. A local attacker can modify the default task template to install an arbitrary package that can run shell scripts with root privileges and Full Disk Access, thereby bypassing macOS privacy controls. Affected component: the SuperDu...

CVE-2023-40425

A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sonoma 14, macOS Monterey 12.7.1. An app with root privileges may be able to access private information...

Wave Terminal 代码注入漏洞

Wave Terminal is an enterprise collaboration system from Wave Terminal open source. A code injection vulnerability exists in Wave Terminal version 0.12.2, which stems from Electron Fuses code injection and could lead to a TCC bypass...

CVE-2025-61229

An issue in Shirt Pocket's SuperDuper! 3.10 and earlier allow a local attacker to modify the default task template to execute an arbitrary preflight script with root privileges and Full Disk Access, thus bypassing macOS privacy controls...

PT-2025-48487

An issue in Shirt Pocket's SuperDuper! 3.10 and earlier allow a local attacker to modify the default task template to execute an arbitrary preflight script with root privileges and Full Disk Access, thus bypassing macOS privacy controls...

Electron Capture 安全漏洞

Electron Capture is a window capture software by Steve Seguin Personal Developer. A security vulnerability exists in Electron Capture 2.19.1 and earlier versions, which stems from a vulnerability that allows bypassing macOS TCC privacy protections and could lead to arbitrary Node.js code executio...

CVE-2023-32386

A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Big Sur 11.7.7, macOS Monterey 12.6.6, macOS Ventura 13.4. An app may be able to observe unprotected user data...

VulnCheck KEV: CVE-2021-30713

Apple macOS Transparency, Consent, and Control TCC contains an unspecified permissions issue which may allow a malicious application to bypass privacy preferences...