They can MITM SSL/TLS if they manage to forge the certificates in question, or on both endpoints by having a snooping backdoor in place on either the server or the client. Other than that, there are no known weaknesses in the encryption websites use, but there is a multitude of things that can and do go wrong without anybody noticing.