It's been a long time since I saw a vulnerability in SQL Server released. And to date, there haven't been any for SQL Server 2005, nearly 3 years after it's release in Nov 2005.
That changed today I saw a note from Secunia just some in: Microsoft SQL Server and MSDE Multiple Vulnerabilities, which lists a few issues with SQL Server 7, 2000, and 2005. That's a major release, and I'm surprised.
I shouldn't be, after all there are security issues with all software and I knew that one would come in SQL Server 2005 a tsome point. I'm just hoping that this is fixed in 2008 and that we don't start to see more and more.