Discovered 2014
Heartbleed is a security vulnerability in the OpenSSL cryptography library. TLS and DTLS implementations in OpenSSL 1.0.1 before 1.0.1g allow remote attackers to obtain sensitive information from process memory via crafted packets.
By causing a server to disclose some of its data, this allows an attacker to obtain potentially revealing sensitive information including keys used to encrypt and decrypt communication, usernames, passwords, credit card numbers, and other sensitive information.
To see if a company in your portfolio is vulnerable to this attack, go to your portfolio and use the Vulnerability filter in your search.