Research has shown that a large number of servers are still vulnerable to the widely publicised "Heartbleed" bug.
The problem is probably even worse than that research indicates, as they only measured the largest websites in the world, which one would expect to be well maintained. There are probably many more smaller sites that aren't actively maintained that are still susceptible to this bug.