Microsoft patches 'dangerous' zero-day already being exploited by hacking groups December 12, 2018 https://www.theinquirer.net/inquirer/news/3068124/microsoft-patch-tuesday-december-2018
I think what they mean is that you first need to get code execution on the exploited system, but you can also do this via remote exploit. So let's say you exploit some "code execution" bug in Chrome, you can combine it with this one to break out of the sandbox.
Windows Zero-Day Exploited by FruityArmor, SandCat Threat Groups March 13, 2019 https://www.securityweek.com/windows-zero-day-exploited-fruityarmor-sandcat-threat-groups Kaspersky: The fourth horseman: CVE-2019-0797 vulnerability
Experts published details of the actively exploited CVE-2019-0808 Windows Flaw March 15, 2019 https://securityaffairs.co/wordpress/82428/hacking/cve-2019-0808-win-flaw.html
Windows Flaw Exploited to Deliver PowerShell Backdoor April 15, 2019 https://www.securityweek.com/windows-flaw-exploited-deliver-powershell-backdoor Kaspersky: New zero-day vulnerability CVE-2019-0859 in win32k.sys
Microsoft Fixes Zero-Day Flaw in Win32 Driver A previously known threat actor is using the flaw in a broad cyber-espionage campaign, security vendor warns. October 13, 2021 https://www.darkreading.com/vulnera...e-includes-fix-for-0-day-flaw-in-win32-driver Kaspersky: MysterySnail attacks with Windows zero-day