SFTP is SSH File Transfer Protocol, it is using SSH to do all the things FTP can do, but other than the feature set has no relation to FTP.
FTPS is File Transfer Protocol Secure, it is regular FTP but with SSL/TLS added on top, in basically the same manner as HTTP vs HTTPS.
SFTP is as secure as SSH, specifcally the version and type of SSH the server and client are running. There are many implementations of SSH, and often discovered security issues only apply to a certain subset of these, not to the protocol in general. If a bug is found in OpenSSH, that will affect any SFTP servers that use this as their base implementation. Also normally most non-Windows systems just provide SFTP from their regular SSH server software, because it is barely any extra code to support.
FTPS is harder to pin down the security status of, because instead of each server being based on a common SSH library, basically each FTPS server available is its own complete implementation of the protocol. The only thing an FTPS server might use a library for is the SSL/TLS encryption. It is more common to find bugs in FTPS servers that affect just that one software.