Use VulnerabilityReadsFinder when retrieving counts for the instance
security dashboard.  This is more performant as vulnerability_reads is
optimized for reading and can scan only one table.  Additionally,
VulnerabilitiesFinder has a bug where it clears previous scopes when
filtering by state, as it overwrites @vulnerabilities with
vulnerable.vulnerability_reads, which does not have the previously
applied scopes.

Changelog: fixed
EE: true