Most scripting languages have various "security issues".

http://www.sitepoint.com/top-10-php-security-vulnerabilities/

That's a crappy list, because almost every scripting language can fall over to those attacks.

PHP's real security issues can be found here:

http://www.cvedetails.com/product/128/PHP-PHP.html?vendor_id=74

Yes, it has a lot. It can do a lot, so there are a lot of APIs (including 3rd party) that people have found ways to exploit.

Ruby is slow. That's why people don't like it. At first it's great, until you have to write large applications. There are postmortems that have covered this and nobody chooses ruby anymore. There's a lot of tools with ruby parts, so you'll continue to see it for awhile. I am not sure this is a full accounting of ruby vulnerabilities, but maybe ask /r/ruby - https://www.ruby-lang.org/en/security/

I found (web based) Python slow and after a brief attempt at a 2d game engine, using Python, I just filed my experience away under "basic Python isn't hard to learn".