Backports SLE

DATE	CVE	VULNERABILITY TITLE	RISK
2019-07-31	CVE-2019-5059	Integer Overflow or Wraparound vulnerability in multiple products An exploitable code execution vulnerability exists in the XPM image rendering functionality of SDL2_image 2.0.4. network low complexity libsdl opensuse CWE-190	8.8
2019-07-31	CVE-2019-5058	Out-of-bounds Write vulnerability in multiple products An exploitable code execution vulnerability exists in the XCF image rendering functionality of SDL2_image 2.0.4. network low complexity libsdl opensuse CWE-787	8.8
2019-07-31	CVE-2019-5057	Out-of-bounds Write vulnerability in multiple products An exploitable code execution vulnerability exists in the PCX image-rendering functionality of SDL2_image 2.0.4. network low complexity libsdl opensuse CWE-787	8.8
2019-07-30	CVE-2019-5459	Integer Underflow (Wrap or Wraparound) vulnerability in multiple products An Integer underflow in VLC Media Player versions < 3.0.7 leads to an out-of-band read. local low complexity videolan opensuse CWE-191	7.1
2019-07-26	CVE-2019-14274	Out-of-bounds Write vulnerability in multiple products MCPP 2.7.2 has a heap-based buffer overflow in the do_msg() function in support.c. local low complexity mcpp-project opensuse CWE-787	5.5
2019-07-18	CVE-2019-13962	Out-of-bounds Read vulnerability in multiple products lavc_CopyPicture in modules/codec/avcodec/video.c in VideoLAN VLC media player through 3.0.7 has a heap-based buffer over-read because it does not properly validate the width and height. network low complexity videolan opensuse debian canonical CWE-125 critical	9.8
2019-07-16	CVE-2019-13616	Out-of-bounds Read vulnerability in multiple products SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in BlitNtoN in video/SDL_blit_N.c when called from SDL_SoftBlit in video/SDL_blit.c. network low complexity libsdl debian opensuse fedoraproject canonical redhat CWE-125	8.1
2019-07-14	CVE-2019-13602	Integer Underflow (Wrap or Wraparound) vulnerability in multiple products An Integer Underflow in MP4_EIA608_Convert() in modules/demux/mp4/mp4.c in VideoLAN VLC media player through 3.0.7.1 allows remote attackers to cause a denial of service (heap-based buffer overflow and crash) or possibly have unspecified other impact via a crafted .mp4 file. local low complexity videolan debian canonical opensuse CWE-191	7.8
2019-07-03	CVE-2019-5052	Integer Overflow or Wraparound vulnerability in multiple products An exploitable integer overflow vulnerability exists when loading a PCX file in SDL2_image 2.0.4. network low complexity libsdl debian opensuse canonical CWE-190	8.8
2019-07-03	CVE-2019-5051	Improper Handling of Exceptional Conditions vulnerability in multiple products An exploitable heap-based buffer overflow vulnerability exists when loading a PCX file in SDL2_image, version 2.0.4. network low complexity libsdl debian opensuse canonical CWE-755	8.8