Well, I don't mind discussing the topic, actually I think it's good to hear other perspectives from people with in depth knowledge. Usually people that don't like Flash I see only know that they don't like ads (easily blocked, and they're usually unblockable HTML/JS crap now anyway) or the stupid "skip intro" movies (extinct now, a good thing). Flash definitely hasn't been stagnant though! They've had many new releases over years, adding major features like AS3, JIT compilation, hardware acceleration, multi-threading, new security features... I know I'm forgetting things. All that stuff was way before W3C got their act together enough to even get specs out for HTML5, so that we could be spammed with new harder to block popup ads. :) Makes you wonder, maybe corporations didn't like how Flash was so easily blocked, not good for marketing! They are the ones running these standards committees, after all.
Maybe you're an Apple or a FireFox user (both had questionable motives, particularly Apple, and neither put much effort in to improve integration), and maybe there were more problems in conjunction with those, but who's fault is it if it's working fine in other major browsers? Hard to say I think. FireFox has an unusual plug-in architecture which possibly caused issues (I've seen browsers crash too, but almost never due to Flash). Apple has their own control issues which Adobe had pointed to as a problem. So I don't really trust those guys, Flash was certainly working well enough to obtain record setting numbers of installs, and embedded itself into commercial software so firmly that it's still there today. Anything with that kind of popularity will always be a huge exploit target (like Java and Windows) and there will always be many people with issues because of the sheer size of the user base.
In contrast to FireFox and Apple's terrible security records, Flash seems to have done pretty damn good.
I'm pretty sure Flash doesn't come with any adware, I don't remember it ever, so you're probably thinking of Java. Or otherwise you could have downloaded malware (a fake version of Flash not from Adobe, no wonder it would crash then). Flash was one of the most successful and popular front-end software platforms in computing history, it's hard to believe that'd happen because it's terrible.
I'm not sure what stats you're looking at for HTML5, but I don't think the HTML5 security stuff is going to just get patched once and go away. Everything ends up with security exploits eventually. All that code still has to be maintained for new browsers, new hardware, new drivers, new features, and so on, so new issues will always arise. Since browsers are now accessing the same lower level API calls that Flash accesses, and implementing many similar features (JIT compilation for JS, hardware acceleration), they've expanded their own attack surfaces. So I have trouble believing biased critics like Apple when they claim that there's an actual difference here in terms of security. Especially considering browser security stats I've seen, these guys aren't any smarter than Adobe's devs.
I suppose if platform fragmentation is counted as a positive for security, it might be a small "improvement" (with it's own cost). If your platform is less consistent and reliable due to fragmentation, it makes malware harder to create (as well as regular software, of course), so I guess there's that. Not sure that's a great strategy, making all the software suck. And now the security problems are going to be harder to track and measure; the exploits and security stats will be scattered into browser stats, so it might look like an improvement, but maybe not a real difference. It's a complex topic for sure, not nearly as simple as so many content-less critical tech bloggers would have us believe.