.NET might make a small class of bug less likely but it's still very easy to introduce security flaws if you don't take the time to architect things correctly. Especially if you're getting untrusted data from the Internet.
I hardly call a lack of memory leaks and corrupted memory "a small class of bugs". While I develop .Net apps these days, some of my co-workers spend huge amounts of time tracking down obscure memory corruption bugs in their C++ code. And from my days of
developing C++ apps in the past, this is also what I remember wasting endless time on.
And lets not foget how FF struggles with plugins causing all sorts of memory leaks and instability.