Creates the standalone vulnerability list page

What does this MR do?

This MR adds the vulnerabilities list page and navigation.

The page is at /[group]/[project]/security/vulnerabilities and the nav is under Security & Compliance > Vulnerability List at the project level.

Both the page, and the navigation are hidden behind the first_class_vulnerabilities feature flag.

Since this page is intended to be temporary whilst we work with the feature flag, it's entirely rendered in HAML and is a purposefully bare-bones representation of our current security dashboards.

The Severity badges look a little different to usual. This is to align with their updated look from this issue (#34352 (closed))

Screenshots

Does this MR meet the acceptance criteria?

Conformity

• Changelog entry
• [-] Documentation (if required)
• Code review guidelines
• Merge request performance guidelines
• Style guides
• [-] Database guides
• Separation of EE specific content

Availability and Testing

• Review and add/update tests for this feature/bug. Consider all test levels. See the Test Planning Process.
• Tested in all supported browsers

Touches #196723 (closed)