The app security firm Veracode has released its report analyzing more than 200,000 separate applications from October 1, 2013, through March 31, 2015. The report used a unique metric, Flaw Density per MB, which means the number of security bugs in each MB of source code. PHP and less popular Web development languages Classic ASP and ColdFusion are the riskiest programming languages for the Internet, while Java and Java and.NET are the safest. PHP, Java, JavaScript, Ruby,.NET, C and C++, Microsoft Classic ASP, Android, iOS, and COBOL are the most vulnerable languages.
Source: https://thehackernews.com/2015/12/programming-language-security.html