2020

2019

2018

2017

2016

CVE-2016-4069 (v3: 8.8) 25 Aug 2016
Cross-site request forgery (CSRF) vulnerability in Roundcube Webmail before 1.1.5 allows remote attackers to hijack the authentication of users for requests that download attachments and cause a denial of service (disk consumption) via unspecified vectors.

2015

2014

CVE-2014-0594 (v3: 8.8) 8 Jun 2018
In the Open Build Service (OBS) before version 2.4.6 the CSRF protection is incorrectly disabled in the web interface, allowing for requests without the user's consent.

2013

2012

2011