VulCurator: A Vulnerability-Fixing Commit Detector

by Truong Giang Nguyen, et al.
Singapore Management University
The University of Melbourne

The open-source software (OSS) vulnerability management process is important nowadays, as the number of discovered OSS vulnerabilities is increasing over time. Monitoring vulnerability-fixing commits is part of the standard process to prevent vulnerability exploitation. Manually detecting vulnerability-fixing commits is, however, time-consuming due to the possibly large number of commits to review. Recently, many techniques have been proposed to automatically detect vulnerability-fixing commits using machine learning. These solutions either (1) did not use deep learning, or (2) used deep learning on only limited sources of information. This paper proposes VulCurator, a tool that leverages deep learning on richer sources of information, including commit messages, code changes and issue reports, for vulnerability-fixing commit classification. Our experimental results show that VulCurator outperforms the state-of-the-art baselines up to 16.1 available at and, with a demo video at

