CVE-2014-0160CISA KEV: Actively Exploited

OpenSSL Information Disclosure Vulnerability

Published May 4, 2022·Updated May 4, 2022

Description

The TLS and DTLS implementations in OpenSSL do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information.

Public Exploits & PoCs62 found

PoC: Heartbleed

A checker (site and tool) for CVE-2014-0160

2,273

PoC: heartbleed-masstest

Multi-threaded tool for scanning many hosts for CVE-2014-0160.

578

PoC: heartbleeder

OpenSSL CVE-2014-0160 Heartbleed vulnerability test

452

PoC: pacemaker

Heartbleed (CVE-2014-0160) client exploit

318

PoC: heartbleed-poc

Test for SSL heartbeat vulnerability (CVE-2014-0160)

145

PoC: heartbleed-tools

OpenSSL Heartbleed (CVE-2014-0160) vulnerability scanner, data miner and RSA key-restore tools.

94

PoC: heartbleed-PoC

:broken_heart: Hearbleed exploit to retrieve sensitive information CVE-2014-0160 :broken_heart:

65

PoC: openmagic

OpenSSL TLS heartbeat read overrun (CVE-2014-0160)

38

PoC: patch-openssl-CVE-2014-0160

Patch openssl #heartbleed with ansible

18

PoC: HeartLeak

CVE-2014-0160 (Heartbeat Buffer over-read bug)

17

PoC: MaltegoHeartbleed

Maltego transform to detect the OpenSSL Heartbleed vulnerability (CVE-2014-0160)

17

PoC: heartbleedscanner

Network Scanner for OpenSSL Memory Leak (CVE-2014-0160)

14

PoC: vaas-cve-2014-0160

Vulnerability as a service: showcasing CVS-2014-0160, a.k.a. Heartbleed

13

PoC: bleed

bleed is a tool to test servers for the 'Heartbleed' vulnerability (CVE-2014-0160).

7

PoC: bleeding_onions

Script to find Exit and Guard nodes in the Tor Network, that are still suffering from CVE-2014-0160

6

PoC: heartbleed-dtls

POC for CVE-2014-0160 (Heartbleed) for DTLS

6

PoC: CVE-2014-0160

Heartbleed variants

6

PoC: heartbleed.js

openssl Heartbleed bug(CVE-2014-0160) check for Node.js

5

PoC: heartbleed-proof-of-concept

Proof of concept for exploiting the Heartbeat Extension bug detailed in the CVE-2014-0160. :old_key: :unlock:

4

PoC: heartpatch.us

OpenSSL Heartbleed Bug CVE-2014-0160 Toolkit. Built with ❤ by Christopher Ngo.

3

PoC: Heartbleed

A checker (site and tool) for CVE-2014-0160

3

PoC: Heartbleed-PoC-Exploit-Script

This Python PoC script detects the Heartbleed vulnerability (CVE-2014-0160) by performing a TLS handshake with heartbeat extension and sending a crafted heartbeat request. It parses responses to identify leaked memory, helping assess server susceptibility to this critical OpenSSL flaw.

2

PoC: heartbleed

A collection of scripts and instructions to test CVE-2014-0160 (heartbleed). ❤️ 🩸

2

PoC: heartbleed

CVE-2014-0160 OpenSSL Heartbleed Proof of Concept

2

PoC: aws-suture

OpenSSL Heartbleed (CVE-2014-0160) vulnerability scanner.

2

PoC: heartbleed

Checks for vulnerabilities: CVE-2014-0160

2

PoC: heartthreader

Mass, multithreaded testing for servers against Heartbleed (CVE-2014-0160).

2

PoC: HeartBleed

CVE-2014-0160

1

PoC: CVE-2014-0160-Chrome-Plugin

Heartbleed

1

PoC: ssl_scanner

Heartbleed (CVE-2014-0160) SSLv3 Scanner

1

PoC: heartbleed

A research tool designed to check for OpenSSL CVE-2014-0160 vulnerability

1

PoC: ssl-heartbleed.nse

Nmap NSE script that discovers/exploits Heartbleed/CVE-2014-0160.

1

PoC: openssl-heartbleed-fix

OpenSSL Heartbleed (CVE-2014-0160) Fix script

1

PoC: HeartBleed-Vulnerability-Checker

This repo contains a script to automatically test sites for vulnerability to the Heartbleed Bug (CVE-2014-0160) based on the input file for the urls.

1

PoC: coronary

Test CIDR blocks for CVE-2014-0160/Heartbleed

1

PoC: heartbleed-extention

A firefox extension and checker for CVE-2014-0160

1

PoC: heartbleed-lab

Educational laboratory for studying CVE-2014-0160 (Heartbleed) and framing inconsistencies in TLS heartbeat handling.

PoC: Heartbleed

Demonstration of the Heartbleed CVE (CVE-2014-0160), including lab setup instructions and source code to build your own Heartbleed lab for educational purposes

PoC: CVE-2014-0160

CVE-2014-0160

PoC: CTT-HEARTBLEED-Temporal-Resonance-Memory-Leak-Exploit-Heartbleed-CVE-2014-0160

Heartbleed (CVE-2014-0160) was devastating because it leaked adjacent memory. CTT-Heartbleed goes further—it uses 33-layer temporal resonance to map, reconstruct, and extract specific memory regions across time, not just adjacent buffers.

PoC: heartbleed-poc

Proof of concept for CVE-2014-0160 (OpenSSL 1.0.1 - Heartbleed)

PoC: Project-Field-Analysis-and-Memory-Leak-Demonstration

The objective of this project was to assess a remote host for the Heartbleed vulnerability (CVE-2014-0160), verify its presence, and exploit it to extract potentially sensitive information from server memory over the TLS protocol.

PoC: HeartbleedAttack

This is the Heratbleed bug (CVE-2014-0160) documentation I did for Advenced Cyber Attacks course.

PoC: heartbleed-checker

Check for CVE-2014-0160

PoC: fuzzing

fuzzing with libFuzzer,inlude openssl heartbleed (CVE-2014-0160)

PoC: bleeding-heart

The Heartbleed bug `CVE-2014-0160` is a severe implementation flaw in the OpenSSL library, which enables attackers to steal data from the memory of the victim server. The contents of the stolen data depend on what is there in the memory of the server. It could potentially contain private keys, TLS session keys, usernames, passwords, credit cards, etc. The vulnerability is in the implementation of the Heartbeat protocol, which is used by SSL/TLS to keep the connection alive.

PoC: heartbleed

Simple OpenSSL TLS Heartbeat (CVE-2014-0160) Scanner and Exploit (Multiple SSL/TLS versions)

PoC: Heartexploit

Aquí está mi nuevo y primer exploit web, este exploit ataca a la vulnerabilidad de HeartBleed (CVE-2014-0160) espero que os guste.

PoC: heartbleed-bug

Example and demo setup for Heartbleed vulnerability (CVE-2014-0160). This should be used for testing purposes only!💔

PoC: heartbleed

Demonstration of the Heartbleed Bug CVE-2014-0160

PoC: cve-2014-0160

cve-2014-0160

PoC: OpenSSL-HeartBleed-CVE-2014-0160-PoC

来自:https://www.freebuf.com/articles/web/31700.html

PoC: Heartbleed_Dockerfile_with_Nginx

Dockerfile for testing CVE-2014-0160 Heartbleed exploitation.

PoC: heartbleed

A checker (site and tool) for CVE-2014-0160. Software from @FiloSottile for iSC Inc..

PoC: heartbleed.py

#!/usr/bin/python # Modified by Travis Lee # -changed output to display text only instead of hexdump and made it easier to read # -added option to specify number of times to connect to server (to get more data) # -added option to specify TLS version # -added option to send STARTTLS command for use with SMTP/POP/IMAP/FTP/etc... # -added option to specify an input file of multiple hosts, line delimited, with or without a port specified (host:port) # -added option to have verbose output # -added capability t

PoC: -Heartbleed-

A checker (site and tool) for CVE-2014-0160:

PoC: heatbleeding

Test script for test 1Password database for SSL Hea(r)t Bleeding (CVE-2014-0160)

PoC: heartbleed-test

CVE-2014-0160 scanner

PoC: knockbleed

CVE-2014-0160 mass test against subdomains

PoC: heartbleedchecker-chrome

Chrome extension that automatically checks visited sites for vulnerability to OpenSSL CVE-2014-0160

PoC: ssl-heartbleed.nse

Nmap NSE script that discovers/exploits Heartbleed/CVE-2014-0160

PoC: CVE-2014-0160

openssl Heart Bleed Exploit: CVE-2014-0160 Mass Security Auditor

References

View on NVD Search GitHub Search Google

Get alerted for CVEs like this

Register your stack and get notified within minutes when a matching CVE drops.

Start monitoring free