Adobe's April 2018 Patch Tuesday release addressed 14 security issues including six in Flash Player, 3 in Experience Manager, 2 in InDesign, 2 in Digital Editions, and 1 in the PhoneGap Push Plugin.
Updates were released for Adobe Flash Player for Windows, Macintosh, Linux and Chrome OS that addressed critical vulnerabilities in Adobe Flash Player 29.0.0.113 and earlier versions that could lead to arbitrary code execution if exploited.
Adobe also released updates for ColdFusion version 11 and the 2016 release that resolve an insecure library loading vulnerability with a severity level rated “important,” an “important” cross-site scripting vulnerability that could lead to code injection, and an “important” cross-site scripting vulnerability that could lead to information disclosure (CVE-2018-4941).
The patches also included a Critical Deserialization of Untrusted Data flaw that could lead to remote code execution and a critical Unsafe XML External Entity Processing flaw that could lead to Information Disclosure.