Change Vulnerability Report to show Vulnerabilities with present_on_default_branch

Why are we doing this work?

After #324857 (closed) and #324860 (closed) is merged we should make sure that the Vulnerability Report section under the Security & Compliance tab doesn't show Vulnerabilites that are not present on the default branch

Implementation plan

1. backend change Security::VulnerabilitiesFinder (ee/app/finders/security/vulnerabilities_finder.rb) to filter on present_on_default_branch by default.

The following point is moved to #368323 (closed)

2. database create migration to re-arranged indices to account for present_on_default branch.