It’s a bit apples-and-oranges. Snyk is one of several tools that provide dependency scanning. I.e., are you using another component/library with known vulnerabilities - and it looks like that’s what those reports are: problems in dependencies. SonarCloud provides code analysis. I.e., are there security problems with the way you’ve written your own code?
So no, I wouldn’t expect the same thing from both tools.