An Independent Validation of Vulnerability Discovery Models