Michael Cowell

**Name of the Vulnerable Software and Affected Versions** Qfinder Pro Mac versions prior to 7.13.0 Qsync for Mac versions prior to 5.1.5 QVPN Device Client for Mac versions prior to 2.2.8 **Description** A path traversal issue exists that could allow a local attacker with a user account to read the contents of unexpected files or system data. **Recommendations** Update Qfinder Pro Mac to version 7.13.0 or later. Update Qsync for Mac to version 5.1.5 or later. Update QVPN Device Client for Mac to version 2.2.8 or later.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 13.5 **Description** An injection issue was addressed with improved input validation, allowing an app to potentially bypass certain Privacy preferences. **Recommendations** For macOS versions prior to 13.5, update to macOS Ventura 13.5 to resolve the issue. As a temporary workaround, consider restricting app access to sensitive Privacy preferences until the update is applied.