At IBM's X-Force 2009 Trend and Risk report is shown that vulnerabilities of 2009 has dropped. These vulnerabilities are 11 percent lower that it was on 2008, including a decline in huge categories like SQL Injections and ActiveX.

Source: http://www.spywared.com/security-news/2010/03/16/ibm-reports-about-software-security-vulnerabilities.html