Skip to main content

Product Directory Enterprise Compliance Pulse AI Analyst Compare Docs

Login Start Free

Loading...

Cloud security intelligence for modern infrastructure.

Stay informed

📬 Product updates & blog posts🛡️ CVE & vendor advisory alerts

Frequency:

Sent from noreply@echelongraph.io · Unsubscribe anytime

Product

Overview
Enterprise
Agents
AI Analyst
Pricing
Compare
vs. Competitors

Resources

CVE Pulse
Vendor Health
Compliance Directory
Newsletter
Documentation
Readiness Calculator
Blog

Security Tools

Surface Scanner
AI Security Index
AI Threat Map
Shadow AI Radar
KEV-Exposure Radar
Exposed Data-Stores
Exposed AI Keys
Email Spoofability
Subdomain Takeover
Leaked Credentials
Shadow Engine Map

Company

Design Partners
Changelog
Contact
Responsible Disclosure
Verify a Scan

Legal

Privacy
Terms
Security
DPA

© 2026 EchelonGraph, Inc. All rights reserved.

SOC 2 Type IIISO 27001GDPRHIPAA Ready

Home›CVE Pulse›CWE-20

CWE-20— Improper Input Validation

11,552 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →

CVEs classified under CWE-20page 168 of 232

CVE-2022-32484MEDIUMCVSS 5.6EG 4.4
2022-10-12
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with admin privileges may potentially exploit this vulnerability in order to modify a UEFI variable.
CVE-2022-32485HIGHCVSS 7.5EG 7.8
2022-10-12
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
CVE-2022-32486HIGHCVSS 7.5EG 8.8
2022-10-11
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
CVE-2022-32487HIGHCVSS 7.5EG 7.8
2022-10-12
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
CVE-2022-32488HIGHCVSS 8.2EG 7.8
2022-10-12
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
CVE-2022-32489HIGHCVSS 8.2EG 7.8
2022-10-12
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
CVE-2022-32490HIGHCVSS 7.5EG 7.8
2023-01-18
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
CVE-2022-32492HIGHCVSS 7.5EG 8.8
2022-10-11
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
CVE-2022-32534HIGHCVSS 8.8EG 9.8
2022-06-23
The Bosch Ethernet switch PRA-ES8P2S with software version 1.01.05 and earlier was found to be vulnerable to command injection through its diagnostics web interface. This allows execution of shell commands.
CVE-2022-32577LOWCVSS 3.4EG 3.4
2023-05-10
Improper input validation in BIOS Firmware for some Intel(R) NUC Kits before version PY0081 may allow a privileged user to potentially enable information disclosure or denial of service via local access
CVE-2022-32591HIGHCVSS 7.5EG 7.5
2022-10-07
In ril, there is a possible system crash due to an incorrect bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07257259;…
CVE-2022-32593MEDIUMCVSS 6.7EG 6.7
2022-10-07
In vowe, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS071384…
CVE-2022-32603MEDIUMCVSS 6.7EG 6.7
2022-11-08
In gpu drm, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS…
CVE-2022-32615MEDIUMCVSS 6.7EG 6.7
2022-11-08
In ccd, there is a possible out of bounds write due to uninitialized data. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07326559; I…
CVE-2022-32616MEDIUMCVSS 6.7EG 6.7
2022-11-08
In isp, there is a possible out of bounds write due to uninitialized data. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07341258; I…
CVE-2022-32631MEDIUMCVSS 6.7EG 6.7
2022-12-05
In Wi-Fi, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07…
CVE-2022-32632MEDIUMCVSS 6.7EG 6.7
2022-12-05
In Wi-Fi, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07…
CVE-2022-32634MEDIUMCVSS 6.7EG 6.7
2022-12-05
In ccci, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS071…
CVE-2022-32635HIGHCVSS 7.8EG 7.8
2023-01-03
In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS…
CVE-2022-32636MEDIUMCVSS 6.7EG 6.7
2023-01-03
In keyinstall, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS075…
CVE-2022-32637MEDIUMCVSS 6.7EG 6.7
2023-01-03
In hevc decoder, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: AL…
CVE-2022-32640MEDIUMCVSS 6.7EG 6.7
2023-01-03
In meta wifi, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS0…
CVE-2022-32641MEDIUMCVSS 6.7EG 6.7
2023-01-03
In meta wifi, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07…
CVE-2022-32646MEDIUMCVSS 6.7EG 6.7
2023-01-03
In gpu drm, there is a possible stack overflow due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07363501…
CVE-2022-32647MEDIUMCVSS 6.7EG 6.7
2023-01-03
In ccu, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS0755…
CVE-2022-32652MEDIUMCVSS 6.7EG 6.7
2023-01-03
In mtk-aie, there is a possible use after free due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07262617; Issue I…
CVE-2022-32653MEDIUMCVSS 6.7EG 6.7
2023-01-03
In mtk-aie, there is a possible use after free due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07262518; Issue I…
CVE-2022-32655MEDIUMCVSS 6.7EG 6.7
2023-02-06
In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: G…
CVE-2022-32657MEDIUMCVSS 6.7EG 6.7
2023-01-03
In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: G…
CVE-2022-32658MEDIUMCVSS 6.7EG 6.7
2023-01-03
In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: G…
CVE-2022-32659MEDIUMCVSS 6.7EG 6.7
2023-01-03
In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: G…
CVE-2022-32766HIGHCVSS 7.2EG 7.2
2023-05-10
Improper input validation for some Intel(R) BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access.
CVE-2022-32786MEDIUMCVSS 5.5EG 5.5
2022-09-23
An issue in the handling of environment variables was addressed with improved validation. This issue is fixed in Security Update 2022-005 Catalina, macOS Big Sur 11.6.8, macOS Monterey 12.5. An app may be able to modify protected parts of …
CVE-2022-32797HIGHCVSS 7.1EG 7.1
2022-09-23
This issue was addressed with improved checks. This issue is fixed in Security Update 2022-005 Catalina, macOS Big Sur 11.6.8, macOS Monterey 12.5. Processing a maliciously crafted AppleScript binary may result in unexpected termination or…
CVE-2022-3294MEDIUMCVSS 6.6EG 6.6
2023-03-01
Users may have access to secure endpoints in the control plane network. Kubernetes clusters are only affected if an untrusted user can modify Node objects and send proxy requests to them. Kubernetes supports node proxying, which allows cli…
CVE-2022-3312MEDIUMCVSS 4.6EG 4.6
2022-11-01
Insufficient validation of untrusted input in VPN in Google Chrome on ChromeOS prior to 106.0.5249.62 allowed a local attacker to bypass managed device restrictions via physical access to the device. (Chromium security severity: Medium)
CVE-2022-3316MEDIUMCVSS 4.3EG 4.3
2022-11-01
Insufficient validation of untrusted input in Safe Browsing in Google Chrome prior to 106.0.5249.62 allowed a remote attacker to bypass security feature via a crafted HTML page. (Chromium security severity: Low)
CVE-2022-3317MEDIUMCVSS 4.3EG 4.3
2022-11-01
Insufficient validation of untrusted input in Intents in Google Chrome on Android prior to 106.0.5249.62 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Low)
CVE-2022-33176HIGHCVSS 8.2EG 6.7
2022-11-11
Improper input validation in BIOS firmware for some Intel(R) NUC 11 Performance kits and Intel(R) NUC 11 Performance Mini PCs before version PATGL357.0042 may allow a privileged user to potentially enable escalation of privilege via local …
CVE-2022-33178HIGHCVSS 7.2EG 7.2
2022-10-25
A vulnerability in the radius authentication system of Brocade Fabric OS before Brocade Fabric OS 9.0 could allow a remote attacker to execute arbitrary code on the Brocade switch.
CVE-2022-33190HIGHCVSS 7.1EG 7.8
2023-02-16
Improper input validation in the Intel(R) SUR software before version 2.4.8902 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2022-33209HIGHCVSS 7.8EG 7.8
2022-08-18
Improper input validation in the firmware for some Intel(R) NUC Laptop Kits before version BC0076 may allow a privileged user to potentially enable escalation of privilege via local access.
CVE-2022-33211CRITICALCVSS 9.8EG 9.8
2023-04-13
memory corruption in modem due to improper check while calculating size of serialized CoAP message
CVE-2022-33216MEDIUMCVSS 6.0EG 5.5
2023-02-12
Transient Denial-of-service in Automotive due to improper input validation while parsing ELF file.
CVE-2022-33218HIGHCVSS 8.2EG 7.8
2023-01-09
Memory corruption in Automotive due to improper input validation.
CVE-2022-33300HIGHCVSS 8.4EG 7.8
2023-01-09
Memory corruption in Automotive Android OS due to improper input validation.
CVE-2022-33690MEDIUMCVSS 4.0EG 3.3
2022-07-12
Improper input validation in Contacts Storage prior to SMR Jul-2022 Release 1 allows attacker to access arbitrary file.
CVE-2022-33703HIGHCVSS 8.5EG 7.8
2022-07-12
Improper validation vulnerability in CACertificateInfo prior to SMR Jul-2022 Release 1 allows attackers to launch certain activities.
CVE-2022-33704HIGHCVSS 8.5EG 7.8
2022-07-12
Improper validation vulnerability in ucmRetParcelable of KnoxSDK prior to SMR Jul-2022 Release 1 allows attackers to launch certain activities.
CVE-2022-33708HIGHCVSS 7.8EG 7.8
2022-07-12
Improper input validation vulnerability in AppsPackageInstaller in Galaxy Store prior to version 4.5.41.8 allows local attackers to launch activities as Galaxy Store privilege.

← PreviousPage 168 of 232Next →

Map vulnerabilities like CWE-20 to your infrastructure

EchelonGraph correlates every CVE — across CWE-20 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.

Start Free Scan →