Lucene search
K
JvnMost viewed

5625 matches found

Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/06/22 12:0 a.m.•32 views

JVN#75028871: CG-WLR300GNV Series does not limit authentication attempts

CG-WLR300GNV and CG-WLR300GNV-W provided by Corega Inc are wireless LAN routers. The WPS functionality in CG-WLR300GNV Series does not limit PIN authentication attempts, making it susceptible to brute force attacks. Impact An unauthenticated attacker within wireless range of the device may perfor...

5.3CVSS5.5AI score0.01385EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/06/16 12:0 a.m.•32 views

JVN#55428526: Deep Discovery Inspector vulnerable to remote code execution

Deep Discovery Inspector provided by Trend Micro Incorporated contains a remote code execution vulnerability. Impact An attacker who can access the product as an administrator may execute arbitrary code with the root privilege. Solution For Deep Discovery Inspector 3.5 and later: Apply the patch...

9CVSS7.4AI score0.07768EPSS
Exploits2
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/05/27 12:0 a.m.•32 views

JVN#24143619: WebARENA formmail vulnerable to cross-site scripting

formmail used for the WebARENA Service provided by NTT PC Communications Incorporated contains a cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on the user's web browser. Solution Update the software Update to the latest version according to the information...

6.1CVSS6.1AI score0.0102EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/05/19 12:0 a.m.•32 views

JVN#43076390: Web Mailing List vulnerable to cross-site scripting

Web Mailing List provided by Epoch Ltd. contains a cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on the logged in user's web browser. Solution Update the Software Update to the latest version according to the information provided by the developer. Products...

6.1CVSS6AI score0.01417EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/05/16 5:48 a.m.•32 views

a-blog cms vulnerable to cross-site scripting

Overview a-blog cms provided by appleple Inc. is a content management system CMS. a-blog cms contains a cross-site scripting vulnerability in the standard template of the comment functionality. Yuya Yoshida of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC...

6.1CVSS6AI score0.01195EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/04/04 12:0 a.m.•32 views

JVN#47164236: AQUOS Photo Player HN-PP150 vulnerable to cross-site request forgery

AQUOS Photo Player HN-PP150 provided by Sharp Corporation contains a cross-site request forgery vulnerability CWE-352. Impact If a user views a malicious page, information such as settings may be altered unintentionaly. Solution Update the Firmware Update to the latest firmware version according ...

5.8CVSS4.5AI score0.00766EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/02/15 12:0 a.m.•32 views

JVN#28042424: Cybozu Office vulnerable to information disclosure

Cybozu Office contains an information disclosure vulnerability in the mail function. Impact When a specially crafted mail is opened, images files accessible by authenticated users may be obtained by a third-party. Solution Update the Software Update to the latest version according to the...

4.3CVSS4.2AI score0.01166EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/12/17 12:0 a.m.•32 views

JVN#22533124: Adobe Flash Player issue where iframe contents may be overwritten

Adobe Flash Player contains an issue where the same-origin policy may be bypassed leading to iframe contents being overwritten. Impact Processing specially crafted Flash content may lead to iframe contents being overwritten. Solution Apply an Update Update to the latest version according to the...

5CVSS7.5AI score0.04308EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/11/30 12:0 a.m.•32 views

JVN#72891124: p++BBS vulnerable to cross-site scripting

p++BBS provided by Let's PHP! contains a stored cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on the user's web browser. Solution Apply an Update Update to the latest version according to the information provided by the developer. Products Affected p++BBS...

6.1CVSS6AI score0.01009EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/11/27 12:0 a.m.•32 views

JVN#18889193: Apache Cordova vulnerable to improper application of whitelist restrictions

Apache Cordova provided by the Apache Software Foundation is a framework for creating mobile applications for various platforms. Android applications built using Apache Cordova contain a vulnerability where whitelist restrictions are not properly applied. Impact Accessing a specially crafted URL...

4.3CVSS6.3AI score0.04216EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/10/01 12:0 a.m.•32 views

JVN#27462572: AjaXplorer vulnerable to directory traversal

AjaXplorer contains an issue in processing file names, which may result in a directory traversal CWE-22 vulnerability. Impact An authenticated attacker may view files on the server. Solution Use Pydio The developer states that the development of AjaXplorer has been discontinued and there are no...

5CVSS6.3AI score0.01895EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/08/12 12:0 a.m.•32 views

JVN#69175956: Photo Gallery CMS for PC, smartphone and feature phone (Free) vulnerable to cross-site scripting

Photo Gallery CMS for PC, smartphone and feature phone Free provided by PHP Kobo contains a cross-site scripting CWE-79 vulnerability in admin.php. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Replace admin.php with a new version according to...

4.3CVSS6AI score0.01171EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/06/30 12:0 a.m.•32 views

JVN#77386811: Explorer+ File Manager vulnerable to directory traversal

Explorer+ File Manager provided by Droidware UK contains an issue in processing file names, which may result in a directory traversal CWE-22 vulnerability. Impact A remote, unauthenticated attacker may create an arbitrary file or overwrite an existing file in a directory that the application has...

6.4CVSS6.5AI score0.01703EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/05/28 12:0 a.m.•32 views

JVN#51176150: ZenPhoto20 vulnerable to cross-site scripting

ZenPhoto20 is a content management system CMS. ZenPhoto20 contains a cross-site scripting vulnerability CWE-79 due to a flaw in processing encoded user-supplied input. Impact An arbitrary script may be executed on the user's web browser. Solution Update the software Update to the latest version...

4.3CVSS5.8AI score0.01181EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/03/20 12:0 a.m.•32 views

JVN#41281927: LINE vulnerable to script injection

LINE provided by LINE Corporation is an application used to communicate with others. LINE is vulnerable to MITM man-in-the-middle attacks since the application allows non-SSL/TLS communications. As a result, any API may be invoked from a script injected by a MITM man-in-the-middle attacker. Impac...

5.9CVSS5.3AI score0.0018EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/03/04 12:0 a.m.•32 views

JVN#09871547: Maroyaka Image Album vulnerable to cross-site scripting

Maroyaka Image Album provided by Maroyaka CGI is a CGI script for placing image files within a website. Maroyaka Image Album contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the latest versi...

4.3CVSS6AI score0.01148EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/02/27 12:0 a.m.•32 views

JVN#62298871: KENT-WEB Clip Board vulnerability where arbitary files may be deleted

Clip Board provided by KENT-WEB is a bulletin board software that allows users to upload binary files such as image files. KENT-WEB Clip Board contains a vulnerability that may allow a remote attacker to delete arbitrary files. Impact A remote attacker may delete arbitrary files on the server...

6.4CVSS6.5AI score0.01511EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/02/20 12:0 a.m.•32 views

JVN#55365709: AL-Mail32 vulnerable to denial-of-service (DoS)

AL-Mail32 provided by CREAR Corporation is an email client for Windows. AL-Mail32 contains a denial-of-service DoS vulnerability due to a flaw in processing attachments. Impact Processing an attachment with a specially crafted file name may cause the software to become unresponsive. Solution Upda...

4.3CVSS6.2AI score0.01321EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/02/10 12:0 a.m.•32 views

JVN#96155055: PerlTreeBBS vulnerable to cross-site scripting

PerlTreeBBS from Homepage Decorator is a tree-structured bulletin board software. PerlTreeBBS contains a persistent cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the latest version according ...

4.3CVSS5.9AI score0.00942EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/11/11 12:0 a.m.•32 views

JVN#14691234: Multiple Cybozu products vulnerable to buffer overflow

Multiple products provided by Cybozu, Inc. contain a buffer overflow vulnerability CWE-119. Impact A remote attacker may cause a denial-of-service DoS or execute arbitrary code. Solution Update the Software Update to the latest version according to the information provided by the developer...

9CVSS7.4AI score0.03742EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/10/10 12:0 a.m.•32 views

JVN#63587560: Huawei E5332 vulnerable to denial-of-service (DoS)

Huawei E5332 provided by Huawei Technologies is a mobile router. Huawei E5332 contains an issue when processing a GET request that contains an extremely long parameter, which lead to the device rebooting. Impact An attacker that can send requests to the device may cause the device to become...

6.8CVSS6.2AI score0.0122EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/08/08 12:0 a.m.•32 views

JVN#80310172: Piwigo vulnerable to cross-site scripting

Piwigo is a software to manage and host image files on the web. Piwigo contains a cross-site scripting vulnerability when the "Community" plugin is activated and validation on user uploaded photos is disabled. Impact When a user views a specially crafted image, arbitrary JavaScript may be execute...

4.3CVSS5.8AI score0.01187EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/07/18 12:0 a.m.•32 views

JVN#36028879: Meridian vulnerable to cross-site scripting

Meridian provided by Nexa Technologies is a software for market trading. Meridian contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the software Update to the latest version according to the information provided by...

4.3CVSS5.9AI score0.01148EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/04/16 12:0 a.m.•32 views

JVN#93004610: Redmine vulnerable to open redirect

Redmine is a project management software. Redmine contains an open redirect vulnerability due to insufficient checking of the URL parameter. Impact A user who logs into Redmine may be redirected to an arbitrary website. As a result, the user may become a victim of a phishing attack. Solution Upda...

5.8CVSS7.2AI score0.02716EPSS
Exploits1
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/03/20 12:0 a.m.•32 views

JVN#14282890: Silex vulnerable to cross-site scripting

Silex is a software to build websites. Silex contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed in the user's web browser. Solution Apply an Update Update to the latest version according to the information provided by the developer. Products Affected Silex...

4.3CVSS5.8AI score0.01161EPSS
Exploits1
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/12/25 12:0 a.m.•32 views

JVN#81706478: Cybozu Garoon Keitai vulnerable to authentication bypass

Cybozu Garoon provided by Cybozu,Inc. is a groupware. Cybozu Garoon Keitai contains an authentication bypass vulnerability. Impact When an attacker sends a specially crafted request that includes a user ID for a user that has the Keitai function enabled, authentication using Keitai may be bypasse...

5.8CVSS6.4AI score0.01986EPSS
Exploits1
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/09/20 12:0 a.m.•32 views

JVN#03082733: D-Link DWL-2100AP vulnerable to denial-of-service (DoS)

DWL-2100AP provided by D-Link Japan contains a denial-of-service DoS vulnerability due to an issue in SSH implementation. Impact A user who can login with SSH may cause the product to reboot. Solution Update the Firmware Update the firmware to version R252JP-RC572 or later according to the...

6.3CVSS6.3AI score0.01054EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/06/11 12:0 a.m.•32 views

JVN#79301570: Angel Browser vulnerable in the WebView class

Angel Browser is a web browser for Android devices. Angel Browser contains a vulnerability in the WebView class. Impact If a user of the affected product uses other malicious Android application, information managed by the affected product may be disclosed. Solution Update the software Update to...

4.3CVSS6.2AI score0.00893EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/06/11 12:0 a.m.•32 views

JVN#99813183: Galapagos Browser vulnerable in the WebView class

Galapagos Browser is a web browser for Android devices. Galapagos Browser contains a vulnerability in the WebView class. Impact If a user of the affected product uses other malicious Android application, information managed by the affected product may be disclosed. Solution Do not use Galapagos...

4.3CVSS6.2AI score0.00893EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/11/02 12:0 a.m.•32 views

JVN#23465354: MosP kintai kanri fails to restrict access permissions

MosP kintai kanri is an open source attendance management software. MosP kintai kanri contains an issue where access permissions are not restricted. Impact A user's information may be obtained by another user with a MosP kintai kanri account. Solution Update the software Update to the latest...

4CVSS6.2AI score0.01094EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/08/02 12:0 a.m.•32 views

JVN#01598734: GoodReader vulnerable to cross-site scripting

GoodReader is a document reader for Apple mobile devices. GoodReader contains a cross-site scripting vulnerability. Impact When GoodReader is used through a web browser, an arbitrary script may be executed on the user's web browser. Solution Update the software Update to the latest version...

4.3CVSS5.6AI score0.01364EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/07/06 12:0 a.m.•32 views

JVN#90615481: Ruby hash table implementation vulnerable to denial-of-service

The hash table implementation in Ruby contains an issue, where it may intentionally create a series of strings whose hash values collide. As a result, a denial-of-service DoS attack may be conducted. Impact When processing a series of specially crafted strings, a denial-of-service DoS may occur...

7.8CVSS8.3AI score0.04246EPSS
Exploits2
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/06/01 12:0 a.m.•32 views

JVN#29083866: Segue vulnerable to cross-site scripting

Segue is a content management system. Segue contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Do not use Segue Segue services will no longer be available after August 31, 2012. Refer to the information provided by the...

4.3CVSS5.9AI score0.01404EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/05/15 12:0 a.m.•32 views

JVN#63941302: WEB MART from KENT-WEB vulnerable to cross-site scripting

WEB MART provided by KENT-WEB is a system for creating shopping websites. WEB MART contains a vulnerability when using Microsoft IE's CSS expressions, which may result in cross-site scripting. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Updat...

2.6CVSS6.2AI score0.01783EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/01/11 12:0 a.m.•32 views

JVN#63249231: Cogent DataHub vulnerable to HTTP header injection

Cogent DataHub provided by Cogent Real-Time Systems Inc. contains a HTTP header injection vulnerability also known as CRLF, carriage return line feed, injection vulnerability. Impact If a remote attacker sends a crafted HTTP header to a vulnerable system, forged information may be displayed on th...

5.8CVSS6.4AI score0.01512EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2011/10/07 12:0 a.m.•32 views

JVN#34980730: A-Form vulnerable in restricting access

A-Form is a plug-in for Movable Type that adds mail forms and survey forms. A-Form contains a vulnerability in restricting access permissions. Impact Information managed by A-Form may be altered by a user who does not have administrative privileges. Solution Update the Software Update to the late...

5.5CVSS6.1AI score0.01263EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2011/09/30 12:0 a.m.•32 views

JVN#16617002: BaserCMS vulnerable to access restriction

BaserCMS is an open-source Contents Management System CMS. BaserCMS contains a vulnerability in access restriction where adding a user in the user group "operators" which is created by default when BaserCMS is installed. Impact Users without administrative privileges may obtain administrative...

4.9CVSS6.2AI score0.01344EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2011/09/16 12:0 a.m.•32 views

JVN#28973089: SemanticScuttle vulnerable to cross-site scripting

SemanticScuttle is a social bookmarking tool. SemanticScuttle contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the software Update to the latest version according to the information provided by the developer...

4.3CVSS5.9AI score0.01263EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2011/07/29 12:0 a.m.•32 views

JVN#43105011: Android vulnerability where an incorrect SSL certificate is displayed

Android OS contains a vulnerability where a SSL certificate from an outside site is displayed when a user attempts to display a SSL certificate from a site that reads in contents from an outside site. Impact An attacker may trick the user into believing the site being visited is safe, which may...

4.3CVSS6AI score0.00787EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2011/07/05 12:0 a.m.•32 views

JVN#17844633: XnView may insecurely load executable files

XnView is a software for viewing and converting graphic files. XnView loads certain executables when using the "Open containing folder" function. XnView contains an issue with the file search path, which may insecurely load executables. Impact An attacker may execute arbitrary code with the...

6.9CVSS7.1AI score0.00344EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2011/06/29 12:0 a.m.•32 views

JVN#01547302: ALZip vulnerable to buffer overflow

ALZip is a file compression/extraction software from ESTsoft Japan Corp. ALZip contains a buffer overflow vulnerability due to improper handling of mim files. Impact When opening a specially crafted file, arbitrary code may be executed. Solution Re-install the software Download ALZip 8.21 after...

9.3CVSS7.1AI score0.05539EPSS
Exploits4
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2011/06/10 12:0 a.m.•32 views

JVN#29212182: Java Web Start may insecurely load policy files

Java Web Start is tool to distribute Java applications over the web and is contained in Java applications such as JRE Java Runtime Environment Java Web Start contains an issue with the file search path, which may insecurely load policy files. Impact An attacker may execute arbitrary code with the...

7.6CVSS8.7AI score0.02347EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2011/05/25 12:0 a.m.•32 views

JVN#45658190: Movable Type vulnerable to cross-site scripting

Movable Type, a web log system from Six Apart KK, contains a cross-site scripting vulnerability due to an issue in the management screen. This vulnerability is different than the previous vulnerabilities disclosed on JVN. Impact An arbitrary script may be executed on the user's web browser...

4.3CVSS6AI score0.0105EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2011/03/25 12:0 a.m.•32 views

JVN#99977321: Picasa may insecurely load executable files

Picasa is a software for viewing and managing photos. Picasa loads certain executables when using the "Locate on Disk" function. Picasa contains an issue with the file search path, which may insecurely load executables. Impact An attacker may execute arbitrary code with the privilege of the runni...

6.9CVSS7.1AI score0.0032EPSS
Exploits1
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/12/08 12:0 a.m.•32 views

JVN#85821104 Active! mail 2003 session ID disclosure vulnerability

Active! mail 2003 from TransWARE Co. is a web-based email software. Active! mail 2003 contains a vulnerability in which session IDs may be disclosed. Impact A remote attacker could impersonate a user of Active! mail 2003. As a result, the user's email may be viewed or configurations may be...

5.8CVSS6.2AI score0.01083EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/10/20 12:0 a.m.•32 views

JVN#33822756 Canon IT Solutions Inc. ACCESSGUARDIAN vulnerable to cross-site scripting

Canon IT Solutions Inc. ACCESSGUARDIAN is a web security gateway. ACCESSGUARDIAN contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the latest version according to the information provided by...

4.3CVSS5.9AI score0.01801EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/08/21 12:0 a.m.•32 views

JVN#20478978 Site Calendar 'mycaljp' vulnerable to cross-site scripting

Site Calendar 'mycaljp' is a calendar plugin for Geeklog, which is an open source content management system. Site Calendar 'mycaljp' contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the late...

4.3CVSS5.9AI score0.01065EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/08/19 12:0 a.m.•32 views

JVN#21388501 ColdFusion vulnerable to cross-site scripting

ColdFusion from Adobe is a software to develop web applications. ColdFusion contains a cross-site scripting vulnerability. This vulnerability is different from JVN28356427 and JVN48566866. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Apply the...

4.3CVSS5.8AI score0.01773EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/05/11 12:0 a.m.•32 views

JVN#43233160 Cross-site scripting vulnerability in SKIP from SKIP User Group

SKIP from SKIP User Group is an open source SNS Social Networking Service software. SKIP contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on certain web browsers. Solution Update the software Update to the latest version according to the information provid...

4.3CVSS5.8AI score0.01223EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/04/07 12:0 a.m.•32 views

JVN#33846134 Ichitaro series buffer overflow vulnerability

The "Ichitaro" series word processing software, from JustSystems Corporation, contains an issue in the reading of Rich Text Files resulting in a buffer overflow vulnerability. When a user opens a specially crafted file locally or through a website, arbitrary code may be executed with privleges of...

9.3CVSS7.7AI score0.03475EPSS
Exploits0
Total number of security vulnerabilities5000