issues
search
usnistgov
/
mobile-threat-catalogue
NIST/NCCoE Mobile Threat Catalogue
https://pages.nist.gov/mobile-threat-catalogue
Other
142
stars
40
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
New Threat: Loss of confidentiality to app process memory
#254
sdog-nist
closed
6 years ago
0
Moved threat description to correct block
#253
sdog-nist
closed
6 years ago
0
#249 PHY threat: battery overheating to the point of device damage
#252
sdog-nist
closed
6 years ago
0
#250 New Exploit example APP-38
#251
sdog-nist
closed
6 years ago
0
New Example APP-38
#250
sdog-nist
closed
6 years ago
0
PHY Threat: Poorly-Designed Battery heats to point of damage.
#249
sdog-nist
closed
6 years ago
0
#180: Display CVEs in columns
#248
mrdrewkeller
closed
6 years ago
0
#246: Remove extra space in APP-26 Countermeasures
#247
mrdrewkeller
closed
6 years ago
0
Remove extra space in APP-26 Countermeasures
#246
mrdrewkeller
closed
6 years ago
0
#238 Update APP category titles
#245
sdog-nist
closed
7 years ago
1
#224: Restructure Possible Countermeasures
#244
mrdrewkeller
closed
6 years ago
0
Update STA-9.md
#243
cjones1
closed
7 years ago
0
Update References
#242
cjones1
closed
7 years ago
0
Adding Reference and CVE for Broadpwn
#241
cjones1
closed
7 years ago
0
#239
#240
cjones1
closed
7 years ago
0
Adding Example to PHY-5
#239
cjones1
closed
7 years ago
0
Update APP category for shorter titles
#238
sdog-nist
closed
7 years ago
0
#226 Added CVE's
#237
cjones1
closed
7 years ago
0
#219 Added CVE's
#236
cjones1
closed
7 years ago
0
#218 Added CVE's
#235
cjones1
closed
7 years ago
0
#212 Added CVE's
#234
cjones1
closed
7 years ago
0
#217 Added CVE's
#233
cjones1
closed
7 years ago
0
#216 Added CVE's
#232
cjones1
closed
7 years ago
0
#215 Added CVE's
#231
cjones1
closed
7 years ago
0
#214 Added CVE's
#230
cjones1
closed
7 years ago
0
#213 Added CVE's
#229
cjones1
closed
7 years ago
0
#227
#228
cjones1
closed
7 years ago
0
Adding CVE's for MTC Category: Arbitrary code execution via a maliciously crafted file (e.g. graphic, audio, font, x509 certificate)
#227
cjones1
closed
7 years ago
0
Adding CVE's for MTC Category: Exploitation of software vulnerability in a device driver or firmware
#226
cjones1
closed
7 years ago
0
Adding CVE's for MTC Category: Having an application rely on untrusted data for security decisions.
#225
cjones1
opened
7 years ago
0
Re-Format Countermeasures
#224
mrdrewkeller
closed
6 years ago
0
#222: Do not render threat number as H1
#223
mrdrewkeller
closed
7 years ago
0
Do not render threat number as H1
#222
mrdrewkeller
closed
7 years ago
0
#220: Render Threat Description
#221
mrdrewkeller
closed
7 years ago
0
Render Threat Description
#220
mrdrewkeller
closed
7 years ago
0
Adding CVE's for MTC Category: Malware uses device to conduct DDoS attacks.
#219
cjones1
closed
7 years ago
0
Adding CVE's for MTC Category: Malicious apps abusing operating system private APIs (typically on iOS) to gather sensitive data or perform unauthorized actions.
#218
cjones1
closed
7 years ago
0
Adding CVE's for MTC Category: Malicious app taking advantage of the device's access to an internal enterprise network (e.g. via device-wide VPN connection or connection to corporate Wi-Fi) to access enterprise resources.
#217
cjones1
closed
7 years ago
0
Adding CVE's for MTC Category: Maintaining persistence of malicious code or unauthorized privileged access across device resets by using escalated privileges to write system partitions, Trusted Execution Environment, bootloader, or other lower-level component that is typically not erased during a device reset.
#216
cjones1
closed
7 years ago
0
Adding CVE's for MTC Category: Embedding malicious code within app in encrypted or obfuscated form, then decrypting or deobfuscating and executing at runtime to evade app vetting.
#215
cjones1
closed
7 years ago
0
Adding CVE's for MTC Category: Android: Remote code execution by injecting JavaScript into a web page retrieved using WebView.
#214
cjones1
closed
7 years ago
0
Adding CVE's for MTC Category: Android: An application can request Device Administrator access and use it to make it more difficult for the user to remove the application
#213
cjones1
closed
7 years ago
0
Adding CVE's for MTC Category: Escalating Privileges on device using OS or other lower-level vulnerability to perform a malicious action or obtain a persistent presence.
#212
cjones1
closed
7 years ago
0
#210
#211
cjones1
closed
7 years ago
0
Testing to create a Pull Request
#210
cjones1
closed
7 years ago
0
#208: Enable Linting for Privacy Threats
#209
mrdrewkeller
closed
7 years ago
0
Enable Linting for Privacy Threats
#208
mrdrewkeller
closed
7 years ago
0
#206: Enable Privacy Category in Config
#207
mrdrewkeller
closed
7 years ago
0
Enable Privacy Category
#206
mrdrewkeller
closed
7 years ago
0
Sdog nist patch 199
#205
sdog-nist
closed
7 years ago
0
Previous
Next