Subscribe to the RSS feed in case you are interested in updates
Thanks @edisoar for the hint: IBM ISS collected information about the researches that discovered and published most Vulnerabilities in 2009 and apparently I am one of them :).
One should add that XSS was also counted as a vulnerability, would this type of low key vulnerability have been ignored I would have moved up by a few places.
Some vulnerabilities included on that list can be found here, including Remote code execution vulnerabilies in products from SUN, Oracle, Microsoft, Apple (Iphone). Needless to say that all of those vulnerabilities have been disclosed responsibly adhering to the responsible disclosure guideline.
Source: IBM ISS