From LLMs to Agents: A Comparative Evaluation of LLMs and LLM-Based Agents in Security Patch Detection

The widespread adoption of open-source software OSS has accelerated software innovation but also increased security risks due to the rapid propagation of vulnerabilities and silent patch releases. In recent years, large language models LLMs and LLM-based agents have demonstrated remarkable...

How Far Are We? an Empirical Analysis of Current Vulnerability Localization Approaches

Open-source software vulnerability patch detection is a critical component for maintaining software security and ensuring software supply chain integrity. Traditional manual detection methods face significant scalability challenges when processing large volumes of commit histories, while being...

CVE-2024-30259

FastDDS is a C++ implementation of the DDS Data Distribution Service standard of the OMG Object Management Group. Prior to versions 2.14.1, 2.13.5, 2.10.4, and 2.6.8, when a publisher serves malformed RTPS packet, heap buffer overflow occurs on the subscriber. This can remotely crash any Fast-DDS...

Microsoft IIS Patch Level Detection (English versions only)

Binary data 1717.prm...