2021

2020

2019

2018

2017

2016

CVE-2016-4069 (v3: 8.8) 25 Aug 2016
Cross-site request forgery (CSRF) vulnerability in Roundcube Webmail before 1.1.5 allows remote attackers to hijack the authentication of users for requests that download attachments and cause a denial of service (disk consumption) via unspecified vectors.

2015

2014

CVE-2014-0594 (v3: 8.8) 8 Jun 2018
In the Open Build Service (OBS) before version 2.4.6 the CSRF protection is incorrectly disabled in the web interface, allowing for requests without the user's consent.

2013

2012