rancher / rancher-docs

Rancher Documentation
https://ranchermanager.docs.rancher.com/
Apache License 2.0

Add Rancher Security Release (Jun-2024) CVEs to latest/2.8/2.7 #1349

Closed pdellamore closed 3 weeks ago

pdellamore commented 3 weeks ago

This PR is to add the latest Rancher CVEs that were released on Jun 17, 2024, to security-advisories-and-cves.md (latest/2.8/2.7):

  1. Rancher does not automatically clean up a user deleted or disabled from the configured Authentication Provider
  2. External RoleTemplates can lead to privilege escalation
  3. RKE1 Encryption Config kept in plain-text within cluster AppliedSpec
  4. Credentials are stored in the RKE1 Cluster state ConfigMap