Security patches, embedding both vulnerable code and the corresponding fixes, are of great
significance to vulnerability detection and software maintenance. However, the existing …

With the increasing popularity of open-source software, embedded vulnerabilities have been
widely propagating to downstream software. Due to different maintenance policies, software …

With the increasing usage of open-source software (OSS) components, vulnerabilities
embedded within them are propagated to a huge number of underlying applications. In …

A bug is a vulnerability if it has security impacts when triggered. Determining the security
impacts of a bug is important to both defenders and attackers. Maintainers of large software …

The Linux kernel has a rapid development cycle, with 10 commits every hour, on average.
While these updates provide new features and bug fixes, they can also introduce new bugs …

Bug reports are common artefacts in software development. They serve as the main channel
for users to communicate to developers information about the issues that they encounter …

With the increasing popularity of open-source software (OSS), their embedded
vulnerabilities have been widely propagating to downstream software. Although timely …

Non-functional bugs (eg, performance-or accuracy-related bugs) in Deep Learning (DL)
frameworks can lead to some of the most devastating consequences. Reporting those bugs …

The security risk of a software product can be decreased by finding security bug reports
(SBRs). Although the number of SBRs is frequently restricted, the class imbalance problem …

There has been a growing focus on strengthening program security to protect software
ecosystems, especially in light of the swift expansion of available programs in the software …