But if you have to have the Shockwave plug-in, here you go. A new critical update, released 'out-of-band', meaning that this it is important to install it NOW, if you're going to bother.
Here is Adobe's Security Bulletin for Shockwave v126.96.36.199:
This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2015-7649).The CVE is not listed at Mitre.org at this time.
Here is Adobe's Shockwave download page: