Aggregates CVE and security vulnerability intelligence across all dxmsoft-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Historical issues mainly involve vendor risk buffer overflow and vendor risk denial of service and related problems; some flaws may lead to vendor impact application crash and vendor impact memory corruption.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2009-4048 | Dxmsoft XM Easy Personal FTP Server 5.8.0 allows remote authenticated users to cause a denial of service (daemon outage) via an APPE command to one socket in conjunction with a DELE command to a second socket. | [email protected] | 4.0 | 2.41% | 2009-11-23 | 2026-04-23 |
| CVE-2009-3643 | Dxmsoft XM Easy Personal FTP Server 5.8.0 allows remote attackers to cause a denial of service via a long argument to the (1) LIST and (2) NLST commands, a differnt issue than CVE-2008-5626 and CVE-2006-5728. | [email protected] | 5.0 | 6.35% | 2009-10-09 | 2026-04-23 |
| CVE-2008-5626 | XM Easy Personal FTP Server 5.6.0 allows remote authenticated users to cause a denial of service via a crafted argument to the NLST command, as demonstrated by a -1 argument. | [email protected] | 4.0 | 35.86% | 2008-12-17 | 2026-04-23 |
| CVE-2007-1195 | Multiple buffer overflows in XM Easy Personal FTP Server 5.3.0 allow remote attackers to execute arbitrary code via unspecified vectors. NOTE: this issue might overlap CVE-2006-2225, CVE-2006-2226, or CVE-2006-5728. | [email protected] | 7.5 | 4.98% | 2007-03-02 | 2026-04-23 |
| CVE-2006-6751 | Format string vulnerability in XM Easy Personal FTP Server 5.2.1 allows remote attackers to cause a denial of service (application crash) via format string specifiers in the USER command or certain other available or nonexistent commands. NOTE: It was later reported that 5.3.0 is also vulnerable. | [email protected] | 5.0 | 3.24% | 2006-12-27 | 2026-04-23 |
| CVE-2006-6750 | Format string vulnerability in XM Easy Personal FTP Server 5.0.1 allows remote attackers to cause a denial of service (application crash) via format string specifiers in a long PORT command. NOTE: this issue might be related to CVE-2006-2226. | [email protected] | 5.0 | 2.06% | 2006-12-27 | 2026-04-23 |
| CVE-2006-5728 | XM Easy Personal FTP Server 5.2.1 and earlier allows remote authenticated users to cause a denial of service via a long argument to the NLST command, possibly involving the -al flags. | [email protected] | 4.0 | 2.28% | 2006-11-06 | 2026-04-23 |
| CVE-2006-2226 | Buffer overflow in XM Easy Personal FTP Server 4.2 and 5.0.1 allows remote authenticated users to cause a denial of service via a long argument to the PORT command. | [email protected] | 5.0 | 3.50% | 2006-05-05 | 2026-04-16 |
| CVE-2006-2225 | Buffer overflow in XM Easy Personal FTP Server 4.3 and earlier allows remote attackers to execute arbitrary code, probably via a USER command with a long username. | [email protected] | 7.5 | 6.03% | 2006-05-05 | 2026-04-16 |