Inconsistent measurement and incorrect detection of software names in security vulnerability reports

As the number of vulnerability databases established by various nations continues to grow, they have accumulated hundreds of thousands of security vulnerability reports, which play a crucial role in protecting system security. However, many databases are found to lack essential information, contain inaccuracies, or are inconsistent with others. Despite these challenges, the importance of vulnerability databases continues to grow. Current research on vulnerability databases is limited to software version and vulnerability reproduction, but the software names, an essential component of vulnerability databases, have not been extensively studied. Understanding the consistency of software names in different vulnerability databases is crucial for improving the accuracy of vulnerability databases.