all of them except CVE-2016-7255 are found by me.
all of them found by javascript kernel fuzz
| CVE | MSID | type | module | object | comment |
|---|---|---|---|---|---|
| CVE-2016-0048 | MS16-034 | out-of-band | win32k.sys | MSG | Elevation of Privilege |
| CVE-2016-0096 | MS16-018 | type-confusion | win32k.sys | HWND | Elevation of Privilege |
| CVE-2016-3252 | MS16-090 | out-of-band | win32k.sys | GDI | Elevation of Privilege |
| CVE-2016-7211 | MS16-123 | use-after-free | win32k.sys | HDC | Elevation of Privilege |
| CVE-2016-7260 | MS16-151 | out-of-band | win32k.sys | GDI | Elevation of Privilege |