"Secure Sockets Layer" (SSL) and "Transport Layer Security" (TLS) are commonly used on the Internet today, especially for connections that call for a certain level of security. Such connections may carry transactions or messages containing a large amount of private and/or confidential data. This thesis addresses the security aspects of these protocols, giving a short overview of the design and function of the protocols used and of the vulnerabilities abused in some known attacks. Because of the large number of different vulnerabilities, the work categorizes them, surveying whether each attack was enabled by a lack of security in the protocol itself, by a specific implementation/library, by specific encryption methods, by specific cipher suites, or by cookies / compression.
Subsequently, three different attacks are discussed in detail: the POODLE attack, the Heartbleed Bug and the Bleichenbacher Attack (Million Message Attack). Furthermore, this paper tries to give some recommendations for using SSL/TLS in a way that avoids some or most of the known attacks and bugs.