Tag Archives: OpenSSL vulnerability

Over 199,500 Websites Are Still Vulnerable to Heartbleed OpenSSL Bug

It’s more than two and half years since the discovery of the critical OpenSSL Heartbleed vulnerability, but the flaw is still alive as it appears that many organizations did not remediate properly to the serious security glitch.

It was one of the biggest flaws in the Internet’s history that affected the core security of as many as two-thirds of the world’s servers i.e. half a million servers at

OpenSSL Releases Patch For "High" Severity Vulnerability

As announced on Tuesday, the OpenSSL project team released OpenSSL version 1.1.0c that addresses three security vulnerabilities in its software.

The most serious of all is a heap-based buffer overflow bug (CVE-2016-7054) related to Transport Layer Security (TLS) connections using *-CHACHA20-POLY1305 cipher suites.

The vulnerability, reported by Robert Święcki of the Google Security Team on

Critical DoS Flaw found in OpenSSL — How It Works

The OpenSSL Foundation has patched over a dozen vulnerabilities in its cryptographic code library, including a high severity bug that can be exploited for denial-of-service (DoS) attacks.

OpenSSL is a widely used open-source cryptographic library that provides encrypted Internet connections using Secure Sockets Layer (SSL) or Transport Layer Security (TLS) for the majority of websites, as well

High-Severity OpenSSL Vulnerability allows Hackers to Decrypt HTTPS Traffic

OpenSSL has released a series of patches against six vulnerabilities, including a pair of high-severity flaws that could allow attackers to execute malicious code on a web server as well as decrypt HTTPS traffic.

OpenSSL is an open-source cryptographic library that is the most widely being used by a significant portion of the Internet services; to cryptographically protect their sensitive Web

DROWN Attack — More than 11 Million OpenSSL HTTPS Websites at Risk

A new deadly security vulnerability has been discovered in OpenSSL that affects more than 11 Million modern websites and e-mail services protected by an ancient, long deprecated transport layer security protocol, Secure Sockets Layer (SSLv2).

Dubbed DROWN, the highly critical security hole in OpenSSL was disclosed today as a low-cost attack that could decrypt your sensitive, secure HTTPS

Critical OpenSSL Flaw Allows Hackers to Decrypt HTTPS Traffic

The OpenSSL Foundation has released the promised patch for a high severity vulnerability in its cryptographic code library that let attackers obtain the key to decrypt HTTPS-based communications and other Transport layer security (TLS) channels.

OpenSSL is an open-source library that is the most widely used in applications for secure data transfers. Most websites use it to enable Secure

OpenSSL Mystery Patch is No Heartbleed

The anticipated high severity patch in OpenSSL is for a denial-of-service vulnerability in the recently released version 1.0.2 that can crash a client or server with a malformed certificate.