THREAT
The ability of an entity (person or thing) to adversely effect the operation or performance of an automated or manual  facility, application, or system.  The threat may be human or environmental and may be unintentional, intentional, or natural.
VULNERABILITY
A weakness in the security of an operation, process, facility, platform, etc. that enables exploitation to the point of disrupting its intended function or operation.
RISK
The potential loss of an asset (operation, process, facility, platform, etc.) that exists due to the aforementioned threat-vulnerability combination.