As long as you use only Slackware's Packages Management System[1], each and every file shipped in a package you install, remove or upgrade is recorded in the packages database /var/log/{removed_,}{packages,scripts}, making easy to track them.
[1]in addition to tools shipped in Slackware this covers at least usage of sbopkg, and also slackpkg+, I think.
About security, for the official Slackware packages the provided
Security Advisories are all you need. In addition you could follow
this thread. For third party packages that you install and slackbuilds coming from slackbuilds.org you are on you own. That said, honestly I can't remember reports of issues occurring for that reason (but of course there can have been issues of which I am not aware).
The packages database makes easy to know if you have a library installed and to which version, but of course doesn't tell you which programs use it among the official Slackware packages (though some third party apps can provide this information), let alone among the third party packages you have installed.
For that reason if you want to upgrade libraries (and apps that use them) as soon as a new version becomes available even if there's no security issue involved, Slackware is not the best choice IMHO.
More information is available @
SlackDocs, in particular
here and
there.