Vulnerable Application: This subcategory contains threats relating to discrete software vulnerabilities residing within mobile applications running atop the mobile operating system. Note: Some vulnerabilities may be specific to a particular mobile OS, while others may be generally applicable.
Malicious or privacy-invasive application: This subcategory identifies mobile malware based threats, based in part off of Google's mobile classification taxonomy. There are no specific software vulnerabilities within this subcategory, and accordingly no CVEs are cited. Additional malware categories are included within subcategory.