Kernel Exploits

This site lists all Windows vulnerabilities => https://msrc.microsoft.com/update-guide/vulnerability

Notable vulnerabilities:

  • MS08-067 => RCE on Server service (SMB 445) due to improper handling of RPC requests.

  • MS17-010 => EternalBlue

  • ALPC Task Scheduler 0-Day

  • CVE-2021-36934 HiveNightmare, aka SeriousSam => Windows 10 flaw that results in ANY user having rights to read the Windows registry and access sensitive information regardless of privilege level.

This section will detail privesc attacks using a few kernel exploits.
