Add repository security advisory create, update, and CVE request tools

Implement three write operations in the security_advisories toolset using
direct REST calls for POST/PATCH endpoints not yet in go-github, plus
CVE request via the existing client. Consolidate unit tests into
security_advisories_test.go.

Closes #2506

Co-authored-by: Cursor <cursoragent@cursor.com>

Author: advancedresearcharray