Learning from what we know: How to perform vulnerability prediction using noisy historical data